Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

267 advisories

Loading
The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does... Critical Unreviewed
CVE-2017-13715 was published May 13, 2022
slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root... Moderate Unreviewed
CVE-2017-14159 was published May 13, 2022
Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before... Moderate Unreviewed
CVE-2021-33130 was published May 13, 2022
Due to a mishandled error, it is possible to leave the DRTM UApp in a partially initialized state... High Unreviewed
CVE-2021-26353 was published May 11, 2022
A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the... Critical Unreviewed
CVE-2022-0947 was published May 11, 2022
Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string... Moderate Unreviewed
CVE-2012-0012 was published May 4, 2022
The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10... High Unreviewed
CVE-2008-3637 was published May 2, 2022
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which... High Unreviewed
CVE-2008-0062 was published May 1, 2022
The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or... High Unreviewed
CVE-2007-3749 was published May 1, 2022
prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP... Moderate Unreviewed
CVE-2001-1471 was published Apr 30, 2022
Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until... High Unreviewed
CVE-1999-0993 was published Apr 30, 2022
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco... Moderate Unreviewed
CVE-2022-20661 was published Apr 16, 2022
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco... High Unreviewed
CVE-2022-20731 was published Apr 16, 2022
Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices,... Moderate Unreviewed
CVE-2022-22186 was published Apr 15, 2022
A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2... High Unreviewed
CVE-2021-44169 was published Apr 7, 2022
A memory initialization issue was addressed with improved memory handling. This issue is fixed in... High Unreviewed
CVE-2022-22657 was published Mar 19, 2022
A carefully crafted request body can cause a read to a random memory area which could cause the... High Unreviewed
CVE-2022-22719 was published Mar 15, 2022
TPM 1.2 key authorization values vulnerable to TPM transport eavesdropper in go-tpm High
CVE-2020-8918 was published for github.com/google/go-tpm (Go) Feb 11, 2022
chrisfenner
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user... Moderate Unreviewed
CVE-2021-0119 was published Feb 11, 2022
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user... Moderate Unreviewed
CVE-2021-0125 was published Feb 11, 2022
Improper initialization of shared resources in some Intel(R) Processors may allow an... Moderate Unreviewed
CVE-2021-0145 was published Feb 11, 2022
A CWE-665: Improper Initialization vulnerability exists that could cause information exposure... High Unreviewed
CVE-2022-24316 was published Feb 11, 2022
Improper Initialization in OpenZeppelin High
CVE-2021-46320 was published for @openzeppelin/contracts (npm) Feb 5, 2022
pgjdbc Does Not Check Class Instantiation when providing Plugin Classes High
CVE-2022-21724 was published for org.postgresql:postgresql (Maven) Feb 2, 2022
iSafeBlue
An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit... Moderate Unreviewed
CVE-2022-22164 was published Jan 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database