Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

133 advisories

Loading
In FreeBSD 11.3-STABLE before r350217, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE... Moderate Unreviewed
CVE-2019-5605 was published May 24, 2022
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and... Moderate Unreviewed
CVE-2013-1675 was published May 17, 2022
Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the... Moderate Unreviewed
CVE-2017-15897 was published May 14, 2022
A memory initialization issue was addressed with improved memory handling. This issue affected... Moderate Unreviewed
CVE-2018-4351 was published May 13, 2022
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite ... Moderate Unreviewed
CVE-2018-2934 was published May 13, 2022
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an... Moderate Unreviewed
CVE-2017-6267 was published May 13, 2022
A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series... Moderate Unreviewed
CVE-2017-3820 was published May 13, 2022
The daemon in P3Scan 3.0_rc1 and earlier creates a p3scan.pid file after dropping privileges to a... Moderate Unreviewed
CVE-2017-14681 was published May 13, 2022
UnrealIRCd 4.0.13 and earlier creates a PID file after dropping privileges to a non-root account,... Moderate Unreviewed
CVE-2017-13649 was published May 13, 2022
Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root... Moderate Unreviewed
CVE-2017-12847 was published May 13, 2022
Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before... Moderate Unreviewed
CVE-2017-10972 was published May 13, 2022
A denial of service vulnerability in the Android media framework (libavc). Product: Android.... Moderate Unreviewed
CVE-2017-0735 was published May 13, 2022
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean... Moderate Unreviewed
CVE-2017-12164 was published May 13, 2022
Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed... Moderate Unreviewed
CVE-2018-1118 was published May 13, 2022
A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE... Moderate Unreviewed
CVE-2019-1761 was published May 13, 2022
drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port... Moderate Unreviewed
CVE-2010-4343 was published May 13, 2022
net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures,... Moderate Unreviewed
CVE-2010-4655 was published May 13, 2022
A memory initialization issue was addressed with improved memory handling. This issue is fixed in... Moderate Unreviewed
CVE-2019-6208 was published May 13, 2022
An information disclosure vulnerability exists when the Windows kernel fails to properly... Moderate Unreviewed
CVE-2019-0782 was published May 13, 2022
An information disclosure vulnerability exists when the Windows kernel improperly initializes... Moderate Unreviewed
CVE-2019-0767 was published May 13, 2022
An information disclosure vulnerability exists when the Windows kernel improperly initializes... Moderate Unreviewed
CVE-2019-0663 was published May 13, 2022
An information disclosure vulnerability exists when Remote Procedure Call runtime improperly... Moderate Unreviewed
CVE-2018-8514 was published May 13, 2022
An information disclosure vulnerability exists when the Windows kernel fails to properly... Moderate Unreviewed
CVE-2018-8419 was published May 13, 2022
An information disclosure vulnerability exists when "Kernel Remote Procedure Call Provider"... Moderate Unreviewed
CVE-2018-8407 was published May 13, 2022
An information disclosure vulnerability exists when the Windows kernel improperly initializes... Moderate Unreviewed
CVE-2018-8408 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database