GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
102 advisories
Filter by severity
Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization...
High
Unreviewed
CVE-2011-3927
was published
May 13, 2022
A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow...
High
Unreviewed
CVE-2019-1840
was published
May 13, 2022
A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure...
High
Unreviewed
CVE-2017-12262
was published
May 13, 2022
curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal...
High
Unreviewed
CVE-2016-9594
was published
May 13, 2022
A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use...
High
Unreviewed
CVE-2017-0641
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework (libavc). Product: Android....
High
Unreviewed
CVE-2017-0723
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework (avc decoder). Product:...
High
Unreviewed
CVE-2017-0745
was published
May 13, 2022
A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0...
High
Unreviewed
CVE-2017-12736
was published
May 13, 2022
An elevation of privilege vulnerability in the Android media framework (libaudioservice). Product...
High
Unreviewed
CVE-2017-13153
was published
May 13, 2022
MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account,...
High
Unreviewed
CVE-2017-14102
was published
May 13, 2022
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a...
High
Unreviewed
CVE-2017-14609
was published
May 13, 2022
The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016...
High
Unreviewed
CVE-2017-8576
was published
May 13, 2022
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the...
High
Unreviewed
CVE-2018-11943
was published
May 13, 2022
Improper memory initialization in Platform Sample/Silicon Reference firmware Intel(R) Server...
High
Unreviewed
CVE-2018-12204
was published
May 13, 2022
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The...
High
Unreviewed
CVE-2018-14678
was published
May 13, 2022
An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS...
High
Unreviewed
CVE-2018-6947
was published
May 13, 2022
In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable...
High
Unreviewed
CVE-2014-9942
was published
May 17, 2022
In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile,...
High
Unreviewed
CVE-2017-18131
was published
May 24, 2022
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP)...
High
Unreviewed
CVE-2019-12646
was published
May 24, 2022
In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns...
High
Unreviewed
CVE-2019-16921
was published
May 24, 2022
Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and...
High
Unreviewed
CVE-2019-14565
was published
May 24, 2022
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by...
High
Unreviewed
CVE-2019-20063
was published
May 24, 2022
An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable...
High
Unreviewed
CVE-2019-7630
was published
May 24, 2022
qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability.
High
Unreviewed
CVE-2020-3811
was published
May 24, 2022
Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an...
High
Unreviewed
CVE-2020-10138
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API