Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,359
Erlang
33
GitHub Actions
22
Go
2,126
Maven
5,000+
npm
3,787
NuGet
683
pip
3,470
Pub
12
RubyGems
894
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

363 advisories

Loading
crayon: ObjectPool creates uninitialized memory when freeing objects High
GHSA-xfhw-6mc4-mgxf was published for crayon (Rust) Apr 5, 2024
In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in... High Unreviewed
CVE-2021-47101 was published Mar 4, 2024
In the Linux kernel, the following vulnerability has been resolved: dccp: fix dccp_v4_err()... Moderate Unreviewed
CVE-2023-52577 was published Mar 3, 2024
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Fix... Moderate Unreviewed
CVE-2023-52528 was published Mar 3, 2024
In the Linux kernel, the following vulnerability has been resolved: crypto: qat -... Moderate Unreviewed
CVE-2021-47056 was published Mar 1, 2024
Uninitialized Variable in fastecdsa High
CVE-2024-21502 was published for fastecdsa (pip) Feb 24, 2024
Helm's Missing YAML Content Leads To Panic High
CVE-2024-26147 was published for helm.sh/helm/v3 (Go) Feb 22, 2024
jake-ciolek
When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause... High Unreviewed
CVE-2024-23314 was published Feb 14, 2024
Windows CoreMessaging Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-20694 was published Jan 9, 2024
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.20), CP... Moderate Unreviewed
CVE-2023-42797 was published Jan 9, 2024
The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products... Moderate Unreviewed
CVE-2023-4489 was published Dec 15, 2023
An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537... High Unreviewed
CVE-2023-31275 was published Nov 27, 2023
in OpenHarmony v3.2.2 and prior versions allow a local attacker get sensitive buffer information... Moderate Unreviewed
CVE-2023-46100 was published Nov 20, 2023
An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther... Moderate Unreviewed
CVE-2023-31192 was published Oct 12, 2023
A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may... Moderate Unreviewed
CVE-2023-25585 was published Sep 14, 2023
A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the ... Moderate Unreviewed
CVE-2023-25588 was published Sep 14, 2023
A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may... Moderate Unreviewed
CVE-2023-25586 was published Sep 14, 2023
In multiple locations of avrc, there is a possible leak of heap data due to uninitialized data.... High Unreviewed
CVE-2023-21233 was published Aug 15, 2023
In writeToParcel of CursorWindow.cpp, there is a possible information disclosure due to... Moderate Unreviewed
CVE-2023-21276 was published Aug 15, 2023
Use of uninitialized resource in some Intel(R) NUC BIOS firmware may allow a privileged user to... Moderate Unreviewed
CVE-2023-22330 was published Aug 11, 2023
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to... Moderate Unreviewed
CVE-2023-3488 was published Jul 28, 2023
A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper... Moderate Unreviewed
CVE-2023-36836 was published Jul 14, 2023
The PVRSRVBridgeGetMultiCoreInfo ioctl in the PowerVR kernel driver can return uninitialized... Moderate Unreviewed
CVE-2021-0948 was published Jul 13, 2023
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not have an MSS lower bound (e.g., it... High Unreviewed
CVE-2023-35847 was published Jun 19, 2023
The initialization vector (IV) used by the secure engine (SE) for encrypting data stored in... Moderate Unreviewed
CVE-2023-2747 was published Jun 15, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database