GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
263 advisories
Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in...
Critical
Unreviewed
CVE-2018-11949
was published
May 24, 2022
In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile,...
High
Unreviewed
CVE-2017-18131
was published
May 24, 2022
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer,...
Low
Unreviewed
CVE-2014-8181
was published
May 17, 2022
In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable...
High
Unreviewed
CVE-2014-9942
was published
May 17, 2022
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and...
Moderate
Unreviewed
CVE-2013-1675
was published
May 17, 2022
Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the...
Moderate
Unreviewed
CVE-2017-15897
was published
May 14, 2022
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs...
Low
Unreviewed
CVE-2014-0178
was published
May 14, 2022
An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS...
High
Unreviewed
CVE-2018-6947
was published
May 13, 2022
A memory initialization issue was addressed with improved memory handling. This issue affected...
Moderate
Unreviewed
CVE-2018-4351
was published
May 13, 2022
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite ...
Moderate
Unreviewed
CVE-2018-2934
was published
May 13, 2022
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The...
High
Unreviewed
CVE-2018-14678
was published
May 13, 2022
Improper memory initialization in Platform Sample/Silicon Reference firmware Intel(R) Server...
High
Unreviewed
CVE-2018-12204
was published
May 13, 2022
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the...
High
Unreviewed
CVE-2018-11943
was published
May 13, 2022
The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016...
High
Unreviewed
CVE-2017-8576
was published
May 13, 2022
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an...
Moderate
Unreviewed
CVE-2017-6267
was published
May 13, 2022
An issue with incorrect ownership model of "privateBrowsing" information exposed through...
Critical
Unreviewed
CVE-2017-5468
was published
May 13, 2022
A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series...
Moderate
Unreviewed
CVE-2017-3820
was published
May 13, 2022
The daemon in P3Scan 3.0_rc1 and earlier creates a p3scan.pid file after dropping privileges to a...
Moderate
Unreviewed
CVE-2017-14681
was published
May 13, 2022
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a...
High
Unreviewed
CVE-2017-14609
was published
May 13, 2022
MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account,...
High
Unreviewed
CVE-2017-14102
was published
May 13, 2022
UnrealIRCd 4.0.13 and earlier creates a PID file after dropping privileges to a non-root account,...
Moderate
Unreviewed
CVE-2017-13649
was published
May 13, 2022
An elevation of privilege vulnerability in the Android media framework (libaudioservice). Product...
High
Unreviewed
CVE-2017-13153
was published
May 13, 2022
Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root...
Moderate
Unreviewed
CVE-2017-12847
was published
May 13, 2022
A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0...
High
Unreviewed
CVE-2017-12736
was published
May 13, 2022
Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before...
Moderate
Unreviewed
CVE-2017-10972
was published
May 13, 2022