GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
98 advisories
A memory initialization issue was addressed with improved memory handling. This issue is fixed in...
High | Unreviewed | CVE-2020-9863 was published May 24, 2022

Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a...
High | Unreviewed | CVE-2020-10139 was published May 24, 2022

Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an...
High | Unreviewed | CVE-2020-10138 was published May 24, 2022

qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability.
High | Unreviewed | CVE-2020-3811 was published May 24, 2022

An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable...
High | Unreviewed | CVE-2019-7630 was published May 24, 2022

hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by...
High | Unreviewed | CVE-2019-20063 was published May 24, 2022

Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and...
High | Unreviewed | CVE-2019-14565 was published May 24, 2022

In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns...
High | Unreviewed | CVE-2019-16921 was published May 24, 2022

A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP)...
High | Unreviewed | CVE-2019-12646 was published May 24, 2022

In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile,...
High | Unreviewed | CVE-2017-18131 was published May 24, 2022

In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable...
High | Unreviewed | CVE-2014-9942 was published May 17, 2022

An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS...
High | Unreviewed | CVE-2018-6947 was published May 13, 2022

An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The...
High | Unreviewed | CVE-2018-14678 was published May 13, 2022

Improper memory initialization in Platform Sample/Silicon Reference firmware Intel(R) Server...
High | Unreviewed | CVE-2018-12204 was published May 13, 2022

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the...
High | Unreviewed | CVE-2018-11943 was published May 13, 2022

The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016...
High | Unreviewed | CVE-2017-8576 was published May 13, 2022

The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a...
High | Unreviewed | CVE-2017-14609 was published May 13, 2022

MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account,...
High | Unreviewed | CVE-2017-14102 was published May 13, 2022

An elevation of privilege vulnerability in the Android media framework (libaudioservice). Product...
High | Unreviewed | CVE-2017-13153 was published May 13, 2022

A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0...
High | Unreviewed | CVE-2017-12736 was published May 13, 2022

A remote code execution vulnerability in the Android media framework (avc decoder). Product:...
High | Unreviewed | CVE-2017-0745 was published May 13, 2022

A remote code execution vulnerability in the Android media framework (libavc). Product: Android....
High | Unreviewed | CVE-2017-0723 was published May 13, 2022

A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use...
High | Unreviewed | CVE-2017-0641 was published May 13, 2022

curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal...
High | Unreviewed | CVE-2016-9594 was published May 13, 2022

A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure...
High | Unreviewed | CVE-2017-12262 was published May 13, 2022