Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+

200 advisories

Loading
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with... High Unreviewed
CVE-2011-0479 was published May 13, 2022
A remote code execution vulnerability exists in the way that the Windows Graphics Device... High Unreviewed
CVE-2019-0853 was published May 13, 2022
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in... Critical Unreviewed
CVE-2018-17141 was published May 13, 2022
Amazon Web Services (AWS) FreeRTOS through 1.3.1 has an uninitialized pointer free in... High Unreviewed
CVE-2018-16522 was published May 13, 2022
Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash... High Unreviewed
CVE-2018-11803 was published May 13, 2022
Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer... High Unreviewed
CVE-2018-1000099 was published May 13, 2022
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1... Moderate Unreviewed
CVE-2018-0894 was published May 13, 2022
In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities... Moderate Unreviewed
CVE-2018-7515 was published May 13, 2022
An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in... High Unreviewed
CVE-2018-3842 was published May 13, 2022
An exploitable uninitialized pointer vulnerability exists in the Office Open XML parser of... High Unreviewed
CVE-2018-4001 was published May 13, 2022
An exploitable uninitialized pointer vulnerability exists in the rich text format parser of... High Unreviewed
CVE-2018-4040 was published May 13, 2022
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012... High Unreviewed
CVE-2022-27794 was published May 12, 2022
The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS... Critical Unreviewed
CVE-2018-11743 was published May 7, 2022
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1... Moderate Unreviewed
CVE-2009-1721 was published May 2, 2022
lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA... Moderate Unreviewed
CVE-2009-1415 was published May 2, 2022
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime... High Unreviewed
CVE-2009-0846 was published May 2, 2022
CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service ... Moderate Unreviewed
CVE-2007-4682 was published May 1, 2022
EnterpriseDB Advanced Server 8.2 does not properly handle certain debugging function calls that... Moderate Unreviewed
CVE-2007-4639 was published May 1, 2022
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos... High Unreviewed
CVE-2007-4000 was published May 1, 2022
The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges... High Unreviewed
CVE-2007-1213 was published May 1, 2022
The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos... High Unreviewed
CVE-2006-6143 was published May 1, 2022
The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE... High Unreviewed
CVE-2006-4175 was published May 1, 2022
ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when... Moderate Unreviewed
CVE-2003-1201 was published Apr 29, 2022
An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS... High Unreviewed
CVE-2022-22198 was published Apr 15, 2022
The affected product is vulnerable due to an invalid pointer initialization, which may lead to... Moderate Unreviewed
CVE-2022-21168 was published Apr 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database