GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,400
Composer 4,825
Erlang 36
GitHub Actions 32
Go 2,419
Maven 5,811
npm 4,055
NuGet 723
pip 3,847
Pub 12
RubyGems 934
Rust 1,006
Swift 38

Unreviewed advisories

All unreviewed 264,983

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

378 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is:... Moderate Unreviewed

CVE-2019-1010319 was published May 24, 2022

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is:... Moderate Unreviewed

CVE-2019-1010317 was published May 24, 2022

ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function... High Unreviewed

CVE-2019-13135 was published May 24, 2022

Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to... Moderate Unreviewed

CVE-2019-5818 was published May 24, 2022

When using gdImageCreateFromXbm() function of gd extension in versions 7.1.x below 7.1.30, 7.2.x... Moderate Unreviewed

CVE-2019-11038 was published May 24, 2022

fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in... Moderate Unreviewed

CVE-2019-11833 was published May 24, 2022

A latent vulnerability exists in the Prio library where data may be read from uninitialized... Critical Unreviewed

CVE-2019-9805 was published May 24, 2022

PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote... High Unreviewed

CVE-2015-8390 was published May 17, 2022

SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which... High Unreviewed

CVE-2015-3414 was published May 14, 2022

In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking... High Unreviewed

CVE-2019-9578 was published May 13, 2022

libvips before 8.7.4 generates output images from uninitialized memory locations when processing... Moderate Unreviewed

CVE-2019-6976 was published May 13, 2022

In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data. This... Moderate Unreviewed

CVE-2018-9499 was published May 13, 2022

An information disclosure vulnerability exists when Microsoft Excel software reads out of bound... Moderate Unreviewed

CVE-2018-8627 was published May 13, 2022

The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows... Moderate Unreviewed

CVE-2018-20029 was published May 13, 2022

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM... Moderate Unreviewed

CVE-2018-19974 was published May 13, 2022

In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could... High Unreviewed

CVE-2018-15911 was published May 13, 2022

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the... Moderate Unreviewed

CVE-2018-12011 was published May 13, 2022

The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of... Moderate Unreviewed

CVE-2018-11383 was published May 13, 2022

In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer... High Unreviewed

CVE-2018-7166 was published May 13, 2022

Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows... High Unreviewed

CVE-2012-1891 was published May 13, 2022

The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS... Moderate Unreviewed

CVE-2016-5105 was published May 13, 2022

ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE... High Unreviewed

CVE-2017-9098 was published May 13, 2022

An information disclosure vulnerability exists when Visual Studio improperly discloses limited... Moderate Unreviewed

CVE-2018-1037 was published May 13, 2022

A certain crafted HTTP packet can trigger an uninitialized function pointer deference... Critical Unreviewed

CVE-2019-0006 was published May 13, 2022

The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in... Moderate Unreviewed

CVE-2016-0821 was published May 13, 2022

Previous 1 2 … 11 12 13 14 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

378 advisories