Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

69 advisories

Loading
In libhevc, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9315 was published May 24, 2022
In libstagefright, there is a missing variable initialization. This could lead to remote... Moderate Unreviewed
CVE-2019-9313 was published May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9320 was published May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9321 was published May 24, 2022
In libstagefright, there is a missing variable initialization. This could lead to remote... Moderate Unreviewed
CVE-2019-9316 was published May 24, 2022
In libhevc, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9318 was published May 24, 2022
Missing Initialization of Resource in Apache Arrow High
CVE-2019-12408 was published for pyarrow (RubyGems) May 24, 2022
jiajie-chen-havas
Missing Initialization of Resource in Apache Arrow High
CVE-2019-12410 was published for pyarrow (RubyGems) May 24, 2022
In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious... Low Unreviewed
CVE-2019-19534 was published May 24, 2022
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB... Low Unreviewed
CVE-2019-19536 was published May 24, 2022
In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was... Moderate Unreviewed
CVE-2019-19553 was published May 24, 2022
When deriving an identifier for an email message, uninitialized memory was used in addition to... Moderate Unreviewed
CVE-2020-6792 was published May 24, 2022
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active... Moderate Unreviewed
CVE-2020-11741 was published May 24, 2022
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0.... Moderate Unreviewed
CVE-2020-13899 was published May 24, 2022
An issue was discovered in LibVNCServer before 0.9.13. There is a memory leak in the libvncclient... Moderate Unreviewed
CVE-2018-21247 was published May 24, 2022
In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This... High Unreviewed
CVE-2020-0321 was published May 24, 2022
In libcodec2_soft_mp3dec, there is a possible information disclosure due to uninitialized data.... Moderate Unreviewed
CVE-2020-0340 was published May 24, 2022
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an... Moderate Unreviewed
CVE-2020-20739 was published May 24, 2022
On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot... Critical Unreviewed
CVE-2020-12523 was published May 24, 2022
Missing initialization of a variable in the TPM2 source may allow a privileged user to... Moderate Unreviewed
CVE-2020-24455 was published May 24, 2022
A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0... High Unreviewed
CVE-2021-1405 was published May 24, 2022
In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes... Moderate Unreviewed
CVE-2021-28167 was published May 24, 2022
In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a... Moderate Unreviewed
CVE-2021-0484 was published May 24, 2022
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option,... High Unreviewed
CVE-2021-22898 was published May 24, 2022
HVM soft-reset crashes toolstack libxl requires all data structures passed across its public... Moderate Unreviewed
CVE-2021-28687 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database