GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
97 advisories
Filter by severity
The fetch(3) library uses environment variables for passing certain information, including the...
High
Unreviewed
CVE-2024-45289
was published
Nov 12, 2024
Windows Installer Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2021-1661
was published
May 24, 2022
When the isula load command is used to load malicious images, attackers can execute arbitrary...
High
Unreviewed
CVE-2021-33636
was published
Oct 29, 2023
When malicious images are pulled by isula pull, attackers can execute arbitrary code.
High
Unreviewed
CVE-2021-33635
was published
Oct 29, 2023
Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an...
High
Unreviewed
CVE-2023-28737
was published
Nov 14, 2023
NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a...
High
Unreviewed
CVE-2024-0089
was published
Jun 14, 2024
Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2023-27322
was published
May 3, 2024
Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2023-27324
was published
May 3, 2024
Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2023-27325
was published
May 3, 2024
In the Linux kernel, the following vulnerability has been resolved:
cfg80211: call...
High
Unreviewed
CVE-2021-47194
was published
Apr 10, 2024
In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile,...
High
Unreviewed
CVE-2017-18131
was published
May 24, 2022
In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL)...
High
Unreviewed
CVE-2023-40596
was published
Aug 30, 2023
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond ...
High
Unreviewed
CVE-2020-35342
was published
Aug 22, 2023
A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3. A remote...
High
Unreviewed
CVE-2023-27934
was published
May 8, 2023
A malicious actor may convince a victim to open a malicious USD file that may trigger an...
High
Unreviewed
CVE-2023-25010
was published
Apr 17, 2023
qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability.
High
Unreviewed
CVE-2020-3811
was published
May 24, 2022
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by...
High
Unreviewed
CVE-2019-20063
was published
May 24, 2022
Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and...
High
Unreviewed
CVE-2019-14565
was published
May 24, 2022
In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns...
High
Unreviewed
CVE-2019-16921
was published
May 24, 2022
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix accesses to uninit...
High
Unreviewed
CVE-2023-52452
was published
Feb 22, 2024
The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10...
High
Unreviewed
CVE-2008-3637
was published
May 2, 2022
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which...
High
Unreviewed
CVE-2008-0062
was published
May 1, 2022
The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or...
High
Unreviewed
CVE-2007-3749
was published
May 1, 2022
Improper initialization of x87 and SSE floating-point configuration registers in the...
High
Unreviewed
CVE-2022-46487
was published
Dec 30, 2023
Katran could disclose non-initialized kernel memory as part of an IP header. The issue was...
High
Unreviewed
CVE-2023-49062
was published
Nov 28, 2023
ProTip!
Advisories are also available from the
GraphQL API