Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

69 advisories

Loading
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive... Moderate Unreviewed
CVE-2021-34693 was published May 24, 2022
In AAC Codec, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9247 was published May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9314 was published May 24, 2022
In libstagefright, there is a missing variable initialization. This could lead to remote... Moderate Unreviewed
CVE-2019-9313 was published May 24, 2022
In libstagefright, there is a missing variable initialization. This could lead to remote... Moderate Unreviewed
CVE-2019-9316 was published May 24, 2022
In libhevc, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9315 was published May 24, 2022
In libhevc, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9318 was published May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9320 was published May 24, 2022
In libavc, there is a missing variable initialization. This could lead to remote information... Moderate Unreviewed
CVE-2019-9321 was published May 24, 2022
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option,... High Unreviewed
CVE-2021-22898 was published May 24, 2022
In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes... Moderate Unreviewed
CVE-2021-28167 was published May 24, 2022
Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared... Low Unreviewed
CVE-2024-32945 was published Jul 15, 2024
In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always... High Unreviewed
CVE-2024-43873 was published Aug 21, 2024
The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace,... High Unreviewed
CVE-2024-8178 was published Sep 5, 2024
Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault... Moderate Unreviewed
CVE-2023-5138 was published Jan 4, 2024
ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted... High Unreviewed
CVE-2024-9780 was published Oct 10, 2024
Missing Initialization of Resource in Apache Arrow High
CVE-2019-12410 was published for pyarrow (RubyGems) May 24, 2022
Missing Initialization of Resource in Apache Arrow High
CVE-2019-12408 was published for pyarrow (RubyGems) May 24, 2022
jiajie-chen-havas
In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak... Moderate Unreviewed
CVE-2024-50076 was published Oct 29, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database