GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
267 advisories
A malicious actor may convince a victim to open a malicious USD file that may trigger an...
High | Unreviewed | CVE-2023-25010 was published Apr 17, 2023

qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability.
High | Unreviewed | CVE-2020-3811 was published May 24, 2022

The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors...
Critical | Unreviewed | CVE-2015-8367 was published May 24, 2022

hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by...
High | Unreviewed | CVE-2019-20063 was published May 24, 2022

Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and...
High | Unreviewed | CVE-2019-14565 was published May 24, 2022

The "Forget about this site" feature in the History pane is intended to remove all saved user...
Moderate | Unreviewed | CVE-2019-11747 was published May 24, 2022

In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns...
High | Unreviewed | CVE-2019-16921 was published May 24, 2022

Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in...
Critical | Unreviewed | CVE-2018-11949 was published May 24, 2022

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit...
High | Unreviewed | CVE-2023-52452 was published Feb 22, 2024

Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure...
Low | Unreviewed | CVE-2021-36319 was published Nov 21, 2021

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite ...
Moderate | Unreviewed | CVE-2018-2934 was published May 13, 2022

The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10...
High | Unreviewed | CVE-2008-3637 was published May 2, 2022

prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP...
Moderate | Unreviewed | CVE-2001-1471 was published Apr 30, 2022

KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which...
High | Unreviewed | CVE-2008-0062 was published May 1, 2022

The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or...
High | Unreviewed | CVE-2007-3749 was published May 1, 2022

An improper initialization vulnerability was found in Galleon. When using Galleon to provision...
Moderate | Unreviewed | CVE-2023-4503 was published Feb 6, 2024

An information disclosure vulnerability exists when the Windows kernel improperly initializes...
Moderate | Unreviewed | CVE-2020-16901 was published May 24, 2022

An information disclosure vulnerability exists when the Windows kernel improperly initializes...
Low | Unreviewed | CVE-2020-1592 was published May 24, 2022

Open Management Infrastructure Remote Code Execution Vulnerability
Critical | Unreviewed | CVE-2021-38647 was published May 24, 2022

Improper initialization of x87 and SSE floating-point configuration registers in the...
High | Unreviewed | CVE-2022-46487 was published Dec 30, 2023

Katran could disclose non-initialized kernel memory as part of an IP header. The issue was...
High | Unreviewed | CVE-2023-49062 was published Nov 28, 2023

An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without...
Low | Unreviewed | CVE-2023-45085 was published Dec 5, 2023

On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized....
Moderate | Unreviewed | CVE-2023-5370 was published Oct 4, 2023

When the isula export command is used to export a container to an image and the container is...
Moderate | Unreviewed | CVE-2021-33637 was published Oct 29, 2023

iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause DOS.
Moderate | Unreviewed | CVE-2021-33634 was published Oct 29, 2023

ProTip! Advisories are also available from the GraphQL API.