GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,263
Erlang: 31
GitHub Actions: 21
Go: 2,033
Maven: 5,000+
npm: 3,732
NuGet: 662
pip: 3,411
Pub: 12
RubyGems: 891
Rust: 865
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+

269 advisories

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in...
Moderate | Unreviewed | CVE-2019-15681 was published May 24, 2022

The "Forget about this site" feature in the History pane is intended to remove all saved user...
Moderate | Unreviewed | CVE-2019-11747 was published May 24, 2022

In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/infiniband/hw/hns...
High | Unreviewed | CVE-2019-16921 was published May 24, 2022

A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP)...
High | Unreviewed | CVE-2019-12646 was published May 24, 2022

Moby Docker cp broken with debian containers
Critical | CVE-2019-14271 was published for github.com/docker/docker (Go) May 24, 2022

In FreeBSD 11.3-STABLE before r350217, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE...
Moderate | Unreviewed | CVE-2019-5605 was published May 24, 2022

Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in...
Critical | Unreviewed | CVE-2018-11949 was published May 24, 2022

In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile,...
High | Unreviewed | CVE-2017-18131 was published May 24, 2022

The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer,...
Low | Unreviewed | CVE-2014-8181 was published May 17, 2022

In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable...
High | Unreviewed | CVE-2014-9942 was published May 17, 2022

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and...
Moderate | Unreviewed | CVE-2013-1675 was published May 17, 2022

Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the...
Moderate | Unreviewed | CVE-2017-15897 was published May 14, 2022

Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs...
Low | Unreviewed | CVE-2014-0178 was published May 14, 2022

An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS...
High | Unreviewed | CVE-2018-6947 was published May 13, 2022

A memory initialization issue was addressed with improved memory handling. This issue affected...
Moderate | Unreviewed | CVE-2018-4351 was published May 13, 2022

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite ...
Moderate | Unreviewed | CVE-2018-2934 was published May 13, 2022

An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The...
High | Unreviewed | CVE-2018-14678 was published May 13, 2022

Improper memory initialization in Platform Sample/Silicon Reference firmware Intel(R) Server...
High | Unreviewed | CVE-2018-12204 was published May 13, 2022

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the...
High | Unreviewed | CVE-2018-11943 was published May 13, 2022

The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016...
High | Unreviewed | CVE-2017-8576 was published May 13, 2022

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an...
Moderate | Unreviewed | CVE-2017-6267 was published May 13, 2022

An issue with incorrect ownership model of "privateBrowsing" information exposed through...
Critical | Unreviewed | CVE-2017-5468 was published May 13, 2022

A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series...
Moderate | Unreviewed | CVE-2017-3820 was published May 13, 2022

The daemon in P3Scan 3.0_rc1 and earlier creates a p3scan.pid file after dropping privileges to a...
Moderate | Unreviewed | CVE-2017-14681 was published May 13, 2022

The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a...
High | Unreviewed | CVE-2017-14609 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API