Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

13 advisories

Loading
NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlow Critical
GHSA-h6gw-r52c-724r was published for tensorflow (pip) Feb 9, 2022
Access of Uninitialized Pointer in linked-hash-map Critical
CVE-2020-25573 was published for linked-hash-map (Rust) Aug 25, 2021
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS... Critical Unreviewed
CVE-2021-1619 was published May 24, 2022
Uninitialized pointers accessed during music play back with incorrect bit stream due to an... Critical Unreviewed
CVE-2020-11138 was published May 24, 2022
An issue was discovered in SKALE sgxwallet 1.58.3. The provided input for ECALL 14 triggers a... Critical Unreviewed
CVE-2021-36219 was published May 24, 2022
The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS... Critical Unreviewed
CVE-2018-11743 was published May 7, 2022
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in... Critical Unreviewed
CVE-2018-17141 was published May 13, 2022
Incomplete validation in boosted trees code Critical
CVE-2021-41208 was published for tensorflow (pip) Nov 10, 2021
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a... Critical Unreviewed
CVE-2018-14356 was published May 13, 2022
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an... Critical Unreviewed
CVE-2018-19857 was published May 14, 2022
A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT version... Critical Unreviewed
CVE-2017-12561 was published May 14, 2022
** DISPUTED ** A vulnerability was found in ewxrjk sftpserver. It has been declared as... Critical Unreviewed
CVE-2020-36617 was published Dec 18, 2022
Asyncpg Arbitrary Code Execution Via Access to an Uninitialized Pointer Critical
CVE-2020-17446 was published for asyncpg (pip) Apr 20, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database