GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,282
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
34 advisories
Filter by severity
In the Linux kernel, the following vulnerability has been resolved:
vt: prevent kernel-infoleak...
Moderate
Unreviewed
CVE-2024-50076
was published
Oct 29, 2024
Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault...
Moderate
Unreviewed
CVE-2023-5138
was published
Jan 4, 2024
In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes...
Moderate
Unreviewed
CVE-2021-28167
was published
May 24, 2022
In libhevc, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9318
was published
May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9320
was published
May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9321
was published
May 24, 2022
In libhevc, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9315
was published
May 24, 2022
In libstagefright, there is a missing variable initialization. This could lead to remote...
Moderate
Unreviewed
CVE-2019-9316
was published
May 24, 2022
In libstagefright, there is a missing variable initialization. This could lead to remote...
Moderate
Unreviewed
CVE-2019-9313
was published
May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9314
was published
May 24, 2022
In AAC Codec, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9247
was published
May 24, 2022
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive...
Moderate
Unreviewed
CVE-2021-34693
was published
May 24, 2022
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an...
Moderate
Unreviewed
CVE-2020-20739
was published
May 24, 2022
In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible failure to initialize a...
Moderate
Unreviewed
CVE-2018-9511
was published
May 13, 2022
A denial of service vulnerability in the Android media framework (h264 decoder). Product: Android...
Moderate
Unreviewed
CVE-2017-0730
was published
May 13, 2022
In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to...
Moderate
Unreviewed
CVE-2021-0961
was published
Dec 16, 2021
In writeToParcel of SurfaceControl.cpp, there is a possible information disclosure due to...
Moderate
Unreviewed
CVE-2022-20357
was published
Aug 11, 2022
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly...
Moderate
Unreviewed
CVE-2022-0175
was published
Aug 27, 2022
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to...
Moderate
Unreviewed
CVE-2019-16714
was published
May 24, 2022
There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of...
Moderate
Unreviewed
CVE-2021-22482
was published
May 24, 2022
An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset...
Moderate
Unreviewed
CVE-2021-26333
was published
May 24, 2022
HVM soft-reset crashes toolstack libxl requires all data structures passed across its public...
Moderate
Unreviewed
CVE-2021-28687
was published
May 24, 2022
In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a...
Moderate
Unreviewed
CVE-2021-0484
was published
May 24, 2022
In libcodec2_soft_mp3dec, there is a possible information disclosure due to uninitialized data....
Moderate
Unreviewed
CVE-2020-0340
was published
May 24, 2022
An issue was discovered in LibVNCServer before 0.9.13. There is a memory leak in the libvncclient...
Moderate
Unreviewed
CVE-2018-21247
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API