GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
69 advisories
Filter by severity
On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot...
Critical
Unreviewed
CVE-2020-12523
was published
May 24, 2022
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an...
Moderate
Unreviewed
CVE-2020-20739
was published
May 24, 2022
In libcodec2_soft_mp3dec, there is a possible information disclosure due to uninitialized data....
Moderate
Unreviewed
CVE-2020-0340
was published
May 24, 2022
In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This...
High
Unreviewed
CVE-2020-0321
was published
May 24, 2022
An issue was discovered in LibVNCServer before 0.9.13. There is a memory leak in the libvncclient...
Moderate
Unreviewed
CVE-2018-21247
was published
May 24, 2022
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0....
Moderate
Unreviewed
CVE-2020-13899
was published
May 24, 2022
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active...
Moderate
Unreviewed
CVE-2020-11741
was published
May 24, 2022
When deriving an identifier for an email message, uninitialized memory was used in addition to...
Moderate
Unreviewed
CVE-2020-6792
was published
May 24, 2022
In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was...
Moderate
Unreviewed
CVE-2019-19553
was published
May 24, 2022
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB...
Low
Unreviewed
CVE-2019-19536
was published
May 24, 2022
In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious...
Low
Unreviewed
CVE-2019-19534
was published
May 24, 2022
Missing Initialization of Resource in Apache Arrow
High
CVE-2019-12410
was published
for
pyarrow
(RubyGems)
May 24, 2022
Missing Initialization of Resource in Apache Arrow
High
CVE-2019-12408
was published
for
pyarrow
(RubyGems)
May 24, 2022
In libstagefright, there is a missing variable initialization. This could lead to remote...
Moderate
Unreviewed
CVE-2019-9316
was published
May 24, 2022
In libhevc, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9318
was published
May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9320
was published
May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9321
was published
May 24, 2022
In libstagefright, there is a missing variable initialization. This could lead to remote...
Moderate
Unreviewed
CVE-2019-9313
was published
May 24, 2022
In libhevc, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9315
was published
May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9314
was published
May 24, 2022
In AAC Codec, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9247
was published
May 24, 2022
In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible failure to initialize a...
Moderate
Unreviewed
CVE-2018-9511
was published
May 13, 2022
A denial of service vulnerability in the Android media framework (h264 decoder). Product: Android...
Moderate
Unreviewed
CVE-2017-0730
was published
May 13, 2022
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization....
High
Unreviewed
CVE-2018-14647
was published
May 13, 2022
The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before...
Low
Unreviewed
CVE-2011-1044
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API