GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
69 advisories
Filter by severity
Memory corruption in array-tools
Critical
CVE-2020-36452
was published
for
array-tools
(Rust)
Aug 25, 2021
In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel...
Moderate
Unreviewed
CVE-2021-39636
was published
Dec 16, 2021
In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to...
Moderate
Unreviewed
CVE-2021-0961
was published
Dec 16, 2021
There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this...
High
Unreviewed
CVE-2021-39966
was published
Jan 4, 2022
Missing Initialization of Resource in pnet
High
CVE-2019-25054
was published
for
pnet
(Rust)
Jan 6, 2022
An information disclosure vulnerability exists in the pick-and-place rotation parsing...
Moderate
Unreviewed
CVE-2021-40403
was published
Feb 10, 2022
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets...
Low
Unreviewed
CVE-2022-24448
was published
Feb 10, 2022
An information leak flaw was found due to uninitialized memory in the Linux kernel’s TIPC...
Moderate
Unreviewed
CVE-2022-0382
was published
Feb 12, 2022
The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x...
Low
Unreviewed
CVE-2009-3228
was published
May 2, 2022
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c...
High
Unreviewed
CVE-2022-29968
was published
May 3, 2022
It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly...
High
Unreviewed
CVE-2019-3804
was published
May 13, 2022
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a...
High
Unreviewed
CVE-2018-10811
was published
May 13, 2022
The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not...
Low
Unreviewed
CVE-2010-4083
was published
May 13, 2022
The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not...
Low
Unreviewed
CVE-2010-3297
was published
May 13, 2022
The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c in the Linux kernel before 2...
Low
Unreviewed
CVE-2010-4082
was published
May 13, 2022
The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not...
Low
Unreviewed
CVE-2010-3877
was published
May 13, 2022
net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain...
Low
Unreviewed
CVE-2010-3876
was published
May 13, 2022
The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6...
Low
Unreviewed
CVE-2010-4078
was published
May 13, 2022
The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36...
Low
Unreviewed
CVE-2010-4081
was published
May 13, 2022
The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before...
Low
Unreviewed
CVE-2011-1044
was published
May 13, 2022
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization....
High
Unreviewed
CVE-2018-14647
was published
May 13, 2022
A denial of service vulnerability in the Android media framework (h264 decoder). Product: Android...
Moderate
Unreviewed
CVE-2017-0730
was published
May 13, 2022
In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible failure to initialize a...
Moderate
Unreviewed
CVE-2018-9511
was published
May 13, 2022
In AAC Codec, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9247
was published
May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information...
Moderate
Unreviewed
CVE-2019-9314
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API