Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

197 advisories

Loading
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and... High Unreviewed
CVE-2016-10447 was published May 14, 2022
In the MDSS driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from... Moderate Unreviewed
CVE-2018-5860 was published May 14, 2022
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior... Moderate Unreviewed
CVE-2021-3608 was published Feb 25, 2022
Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do... Moderate Unreviewed
CVE-2014-1564 was published May 14, 2022
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls... High Unreviewed
CVE-2022-2952 was published Dec 8, 2022
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer... High Unreviewed
CVE-2019-3836 was published May 14, 2022
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls... High Unreviewed
CVE-2022-3084 was published Dec 8, 2022
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an... Critical Unreviewed
CVE-2018-19857 was published May 14, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2018-14282 was published May 13, 2022
An access of uninitialized pointer vulnerability in CX-Supervisor (Versions 3.42 and prior) could... High Unreviewed
CVE-2018-19018 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2018-10484 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2018-9981 was published May 13, 2022
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a... Critical Unreviewed
CVE-2018-14356 was published May 13, 2022
Google Chrome before 12.0.742.91 attempts to read data from an uninitialized pointer, which... Moderate Unreviewed
CVE-2011-1814 was published May 13, 2022
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with... High Unreviewed
CVE-2011-0479 was published May 13, 2022
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an... High Unreviewed
CVE-2021-38409 was published Dec 21, 2021
Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer... Low Unreviewed
CVE-2021-43030 was published Dec 21, 2021
Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer... Low Unreviewed
CVE-2021-43746 was published Dec 21, 2021
An Access of Uninitialized Pointer vulnerability in the Routing Protocol Daemon (rpd) of Juniper... Moderate Unreviewed
CVE-2023-22398 was published Jan 13, 2023
Segfault while copying constant resource tensor Moderate
CVE-2021-41204 was published for tensorflow (pip) Nov 10, 2021
Unitialized access in `EinsumHelper::ParseEquation` High
CVE-2021-41201 was published for tensorflow (pip) Nov 10, 2021
A remote code execution vulnerability exists in the way that the Windows Graphics Device... High Unreviewed
CVE-2019-0853 was published May 13, 2022
Reference binding to nullptr in shape inference High
CVE-2021-37676 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in map operations High
CVE-2021-37671 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in `RaggedTensorToSparse` High
CVE-2021-37656 was published for tensorflow (pip) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database