GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
114 advisories

This vulnerability allows local attackers to disclose sensitive information on affected...
Moderate. Unreviewed. CVE-2021-31418 was published May 24, 2022.

An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user...
Moderate. Unreviewed. CVE-2021-3545 was published May 24, 2022.

In memzero_explicit of compiler-clang.h, there is a possible bypass of defense in depth due to...
Moderate. Unreviewed. CVE-2021-0938 was published May 24, 2022.

This vulnerability allows local attackers to disclose sensitive information on affected...
Moderate. Unreviewed. CVE-2021-34855 was published May 24, 2022.

In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap content due to...
Moderate. Unreviewed. CVE-2021-0698 was published Aug 25, 2022.

In PVRSRVBridgeHeapCfgHeapConfigName, there is a possible leak of kernel heap content due to...
Moderate. Unreviewed. CVE-2021-0887 was published Aug 25, 2022.

There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted...
Moderate. Unreviewed. CVE-2020-35494 was published May 24, 2022.

The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a...
Moderate. Unreviewed. CVE-2022-34266 was published Jul 20, 2022.

In camera, there is a possible information disclosure due to uninitialized data. This could lead...
Moderate. Unreviewed. CVE-2022-20096 was published May 4, 2022.

In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to...
Moderate. Unreviewed. CVE-2022-20008 was published May 11, 2022.

In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to...
Moderate. Unreviewed. CVE-2022-20119 was published May 11, 2022.

An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local...
Moderate. Unreviewed. CVE-2022-33716 was published Aug 6, 2022.

An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler...
Moderate. Unreviewed. CVE-2018-3989 was published May 13, 2022.

An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality...
Moderate. Unreviewed. CVE-2018-3970 was published May 13, 2022.

Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows,...
Moderate. Unreviewed. CVE-2017-5103 was published May 13, 2022.

Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows,...
Moderate. Unreviewed. CVE-2017-5102 was published May 13, 2022.

VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6...
Moderate. Unreviewed. CVE-2017-4905 was published May 13, 2022.

VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG...
Moderate. Unreviewed. CVE-2018-6982 was published May 13, 2022.

The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in...
Moderate. Unreviewed. CVE-2016-0821 was published May 13, 2022.

An information disclosure vulnerability exists when Visual Studio improperly discloses limited...
Moderate. Unreviewed. CVE-2018-1037 was published May 13, 2022.

The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS...
Moderate. Unreviewed. CVE-2016-5105 was published May 13, 2022.

The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of...
Moderate. Unreviewed. CVE-2018-11383 was published May 13, 2022.

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the...
Moderate. Unreviewed. CVE-2018-12011 was published May 13, 2022.

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM...
Moderate. Unreviewed. CVE-2018-19974 was published May 13, 2022.

The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows...
Moderate. Unreviewed. CVE-2018-20029 was published May 13, 2022.