GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
281 advisories
Filter by severity
Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16990.
Moderate
Unreviewed
CVE-2020-16985
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft Excel software when the software fails...
High
Unreviewed
CVE-2020-16932
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft Excel software when the software fails...
High
Unreviewed
CVE-2020-16931
was published
May 24, 2022
In ~AACExtractor() of AACExtractor.cpp, there is a possible out of bounds write due to...
Moderate
Unreviewed
CVE-2020-0411
was published
May 24, 2022
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user...
Moderate
Unreviewed
CVE-2020-17482
was published
May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14704
was published
May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14703
was published
May 24, 2022
An information disclosure vulnerability exists when Microsoft Office software reads out of bound...
Moderate
Unreviewed
CVE-2020-1342
was published
May 24, 2022
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before...
Low
Unreviewed
CVE-2020-3964
was published
May 24, 2022
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to...
Low
Unreviewed
CVE-2020-12864
was published
May 24, 2022
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows...
Low
Unreviewed
CVE-2020-10732
was published
May 24, 2022
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote...
Moderate
Unreviewed
CVE-2020-13113
was published
May 24, 2022
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim...
Moderate
Unreviewed
CVE-2020-10933
was published
May 24, 2022
Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to...
Moderate
Unreviewed
CVE-2020-6444
was published
May 24, 2022
An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel through 5.6.2....
Low
Unreviewed
CVE-2020-11494
was published
May 24, 2022
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying...
High
Unreviewed
CVE-2020-1934
was published
May 24, 2022
When processing an email message with an ill-formed envelope, Thunderbird could read data from a...
Moderate
Unreviewed
CVE-2020-6793
was published
May 24, 2022
When deriving an identifier for an email message, uninitialized memory was used in addition to...
Moderate
Unreviewed
CVE-2020-6792
was published
May 24, 2022
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote...
Moderate
Unreviewed
CVE-2020-6398
was published
May 24, 2022
In rw_i93_send_cmd_write_single_block of rw_i93.cc, there is a possible information disclosure of...
Moderate
Unreviewed
CVE-2020-0006
was published
May 24, 2022
In flattenString8 of Sensor.cpp, there is a possible information disclosure of heap memory due to...
Low
Unreviewed
CVE-2020-0007
was published
May 24, 2022
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB...
Low
Unreviewed
CVE-2019-19947
was published
May 24, 2022
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to...
Moderate
Unreviewed
CVE-2019-13751
was published
May 24, 2022
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB...
Low
Unreviewed
CVE-2019-19535
was published
May 24, 2022
In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in...
Low
Unreviewed
CVE-2019-18786
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API