Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

281 advisories

Loading
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0... High Unreviewed
CVE-2021-32846 was published Feb 18, 2023
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0... High Unreviewed
CVE-2021-32845 was published Feb 18, 2023
On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before... High Unreviewed
CVE-2023-22281 was published Feb 1, 2023
Use of uninitialized variable in function gen_eth_recv in GNS3 dynamips 0.2.21. High Unreviewed
CVE-2022-47012 was published Jan 20, 2023
** DISPUTED ** A vulnerability was found in ewxrjk sftpserver. It has been declared as... Critical Unreviewed
CVE-2020-36617 was published Dec 18, 2022
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized... High Unreviewed
CVE-2022-2949 was published Dec 13, 2022
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized... High Unreviewed
CVE-2022-2950 was published Dec 13, 2022
A vulnerability classified as problematic has been found in Linux Kernel. This affects the... Moderate Unreviewed
CVE-2022-3642 was published Oct 21, 2022
Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious... High Unreviewed
CVE-2022-34390 was published Oct 13, 2022
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive... Moderate Unreviewed
CVE-2022-40768 was published Sep 19, 2022
A flaw was found in vDPA with VDUSE backend. There are currently no checks in VDUSE kernel driver... High Unreviewed
CVE-2022-2308 was published Sep 2, 2022
In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap content due to... Moderate Unreviewed
CVE-2021-0698 was published Aug 25, 2022
In PVRSRVBridgeHeapCfgHeapConfigName, there is a possible leak of kernel heap content due to... Moderate Unreviewed
CVE-2021-0887 was published Aug 25, 2022
A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when... High Unreviewed
CVE-2020-27795 was published Aug 20, 2022
An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local... Moderate Unreviewed
CVE-2022-33716 was published Aug 6, 2022
In BIG-IP Versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when... High Unreviewed
CVE-2022-34655 was published Aug 5, 2022
The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a... Moderate Unreviewed
CVE-2022-34266 was published Jul 20, 2022
softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail... High Unreviewed
CVE-2022-35414 was published Jul 12, 2022
The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service... Moderate Unreviewed
CVE-2021-40608 was published Jun 29, 2022
Uncontrolled Resource Consumption in @discordjs/opus High
CVE-2022-25345 was published for @discordjs/opus (npm) Jun 18, 2022
DEVTomatoCake vladfrangu
Use of Uninitialized Variable in trilogy Moderate
CVE-2022-31026 was published for trilogy (RubyGems) Jun 6, 2022
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel... Low Unreviewed
CVE-2021-21781 was published May 24, 2022
Segfault due to missing support for quantized types Moderate
CVE-2022-29205 was published for tensorflow (pip) May 24, 2022
vim is vulnerable to Stack-based Buffer Overflow High Unreviewed
CVE-2021-3928 was published May 24, 2022
In display driver, there is a possible memory corruption due to uninitialized data. This could... High Unreviewed
CVE-2021-0634 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API