GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
97 advisories
Filter by severity
The fetch(3) library uses environment variables for passing certain information, including the...
High
Unreviewed
CVE-2024-45289
was published
Nov 12, 2024
NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a...
High
Unreviewed
CVE-2024-0089
was published
Jun 14, 2024
Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2023-27322
was published
May 3, 2024
Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2023-27324
was published
May 3, 2024
Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2023-27325
was published
May 3, 2024
In the Linux kernel, the following vulnerability has been resolved:
cfg80211: call...
High
Unreviewed
CVE-2021-47194
was published
Apr 10, 2024
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix accesses to uninit...
High
Unreviewed
CVE-2023-52452
was published
Feb 22, 2024
Improper initialization of x87 and SSE floating-point configuration registers in the...
High
Unreviewed
CVE-2022-46487
was published
Dec 30, 2023
Katran could disclose non-initialized kernel memory as part of an IP header. The issue was...
High
Unreviewed
CVE-2023-49062
was published
Nov 28, 2023
Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an...
High
Unreviewed
CVE-2023-28737
was published
Nov 14, 2023
Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows...
High
Unreviewed
CVE-2023-1719
was published
Nov 1, 2023
When the isula load command is used to load malicious images, attackers can execute arbitrary...
High
Unreviewed
CVE-2021-33636
was published
Oct 29, 2023
When malicious images are pulled by isula pull, attackers can execute arbitrary code.
High
Unreviewed
CVE-2021-33635
was published
Oct 29, 2023
In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL)...
High
Unreviewed
CVE-2023-40596
was published
Aug 30, 2023
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond ...
High
Unreviewed
CVE-2020-35342
was published
Aug 22, 2023
A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3. A remote...
High
Unreviewed
CVE-2023-27934
was published
May 8, 2023
A malicious actor may convince a victim to open a malicious USD file that may trigger an...
High
Unreviewed
CVE-2023-25010
was published
Apr 17, 2023
Some smartphones have data initialization issues. Successful exploitation of this vulnerability...
High
Unreviewed
CVE-2022-48352
was published
Mar 28, 2023
A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might...
High
Unreviewed
CVE-2023-1513
was published
Mar 23, 2023
A vulnerability classified as critical was found in TechPowerUp RealTemp 3.7.0.0. This...
High
Unreviewed
CVE-2023-1047
was published
Feb 26, 2023
A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM...
High
Unreviewed
CVE-2023-1048
was published
Feb 26, 2023
Improper initialization in the Intel(R) Battery Life Diagnostic Tool software before version 2.2...
High
Unreviewed
CVE-2022-34153
was published
Feb 16, 2023
On BIG-IP Virtual Edition versions 15.1x beginning in 15.1.4 to before 15.1.8 and 14.1.x...
High
Unreviewed
CVE-2023-23555
was published
Feb 1, 2023
Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the...
High
Unreviewed
CVE-2022-3259
was published
Dec 9, 2022
External initialization of trusted variables or data stores vulnerability exists in WordPress...
High
Unreviewed
CVE-2022-43468
was published
Dec 7, 2022
ProTip!
Advisories are also available from the
GraphQL API