GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
269 advisories
Insufficient sanitization of environment variables passed to rsync can bypass the restrictions...
Critical, Unreviewed. CVE-2019-3464 was published May 13, 2022.

The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote...
High, Unreviewed. CVE-2016-9446 was published May 13, 2022.

The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does...
Critical, Unreviewed. CVE-2017-13715 was published May 13, 2022.

slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root...
Moderate, Unreviewed. CVE-2017-14159 was published May 13, 2022.

Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before...
Moderate, Unreviewed. CVE-2021-33130 was published May 13, 2022.

Due to a mishandled error, it is possible to leave the DRTM UApp in a partially initialized state...
High, Unreviewed. CVE-2021-26353 was published May 11, 2022.

A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the...
Critical, Unreviewed. CVE-2022-0947 was published May 11, 2022.

Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string...
Moderate, Unreviewed. CVE-2012-0012 was published May 4, 2022.

The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10...
High, Unreviewed. CVE-2008-3637 was published May 2, 2022.

KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which...
High, Unreviewed. CVE-2008-0062 was published May 1, 2022.

The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or...
High, Unreviewed. CVE-2007-3749 was published May 1, 2022.

prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP...
Moderate, Unreviewed. CVE-2001-1471 was published Apr 30, 2022.

Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until...
High, Unreviewed. CVE-1999-0993 was published Apr 30, 2022.

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco...
Moderate, Unreviewed. CVE-2022-20661 was published Apr 16, 2022.

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco...
High, Unreviewed. CVE-2022-20731 was published Apr 16, 2022.

Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices,...
Moderate, Unreviewed. CVE-2022-22186 was published Apr 15, 2022.

A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2...
High, Unreviewed. CVE-2021-44169 was published Apr 7, 2022.

A memory initialization issue was addressed with improved memory handling. This issue is fixed in...
High, Unreviewed. CVE-2022-22657 was published Mar 19, 2022.

A carefully crafted request body can cause a read to a random memory area which could cause the...
High, Unreviewed. CVE-2022-22719 was published Mar 15, 2022.

TPM 1.2 key authorization values vulnerable to TPM transport eavesdropper in go-tpm
High. CVE-2020-8918 was published for github.com/google/go-tpm (Go) Feb 11, 2022.

Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user...
Moderate, Unreviewed. CVE-2021-0119 was published Feb 11, 2022.

Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user...
Moderate, Unreviewed. CVE-2021-0125 was published Feb 11, 2022.

Improper initialization of shared resources in some Intel(R) Processors may allow an...
Moderate, Unreviewed. CVE-2021-0145 was published Feb 11, 2022.

A CWE-665: Improper Initialization vulnerability exists that could cause information exposure...
High, Unreviewed. CVE-2022-24316 was published Feb 11, 2022.

Improper Initialization in OpenZeppelin
High. CVE-2021-46320 was published for @openzeppelin/contracts (npm) Feb 5, 2022.