Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

218 advisories

Loading
An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in... High Unreviewed
CVE-2018-3842 was published May 13, 2022
An exploitable uninitialized pointer vulnerability exists in the Office Open XML parser of... High Unreviewed
CVE-2018-4001 was published May 13, 2022
An exploitable uninitialized pointer vulnerability exists in the rich text format parser of... High Unreviewed
CVE-2018-4040 was published May 13, 2022
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012... High Unreviewed
CVE-2022-27794 was published May 12, 2022
The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS... Critical Unreviewed
CVE-2018-11743 was published May 7, 2022
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1... Moderate Unreviewed
CVE-2009-1721 was published May 2, 2022
lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA... Moderate Unreviewed
CVE-2009-1415 was published May 2, 2022
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime... High Unreviewed
CVE-2009-0846 was published May 2, 2022
CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service ... Moderate Unreviewed
CVE-2007-4682 was published May 1, 2022
EnterpriseDB Advanced Server 8.2 does not properly handle certain debugging function calls that... Moderate Unreviewed
CVE-2007-4639 was published May 1, 2022
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos... High Unreviewed
CVE-2007-4000 was published May 1, 2022
The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges... High Unreviewed
CVE-2007-1213 was published May 1, 2022
The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos... High Unreviewed
CVE-2006-6143 was published May 1, 2022
The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE... High Unreviewed
CVE-2006-4175 was published May 1, 2022
ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when... Moderate Unreviewed
CVE-2003-1201 was published Apr 29, 2022
An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS... High Unreviewed
CVE-2022-22198 was published Apr 15, 2022
The affected product is vulnerable due to an invalid pointer initialization, which may lead to... Moderate Unreviewed
CVE-2022-21168 was published Apr 13, 2022
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input... Moderate Unreviewed
CVE-2022-1122 was published Mar 30, 2022
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior... Moderate Unreviewed
CVE-2021-3608 was published Feb 25, 2022
Invalid drop of partially-initialized instances in the pooling instance allocator for modules with defined `externref` globals Moderate
CVE-2022-23636 was published for wasmtime (Rust) Feb 16, 2022
peterhuene
Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021... Moderate Unreviewed
CVE-2022-21156 was published Feb 11, 2022
Windows Runtime Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-21971 was published Feb 10, 2022
NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlow Critical
GHSA-h6gw-r52c-724r was published for tensorflow (pip) Feb 9, 2022
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an... High Unreviewed
CVE-2021-38409 was published Dec 21, 2021
Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer... Low Unreviewed
CVE-2021-43746 was published Dec 21, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database