GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
105 advisories
Filter by severity
A malicious actor with access to the network and under certain conditions could exploit an...
High
Unreviewed
CVE-2026-54409
was published
Jul 2, 2026
The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10...
High
Unreviewed
CVE-2008-3637
was published
May 2, 2022
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which...
High
Unreviewed
CVE-2008-0062
was published
May 1, 2022
A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that...
High
Unreviewed
CVE-2026-0940
was published
Mar 11, 2026
An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for...
High
Unreviewed
CVE-2025-66363
was published
Mar 3, 2026
An Incorrect Initialization of Resource vulnerability in the Internal Device Manager (IDM) of...
High
Unreviewed
CVE-2026-21913
was published
Jan 15, 2026
p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of...
High
Unreviewed
CVE-2024-28084
was published
Mar 3, 2024
A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS...
High
Unreviewed
CVE-2020-27950
was published
May 24, 2022
A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0...
High
Unreviewed
CVE-2017-12736
was published
May 13, 2022
External initialization of trusted variables or data stores vulnerability exists in WordPress...
High
Unreviewed
CVE-2022-43468
was published
Dec 7, 2022
A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure...
High
Unreviewed
CVE-2017-12262
was published
May 13, 2022
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote...
High
Unreviewed
CVE-2016-9446
was published
May 13, 2022
Improper initialization of x87 and SSE floating-point configuration registers in the...
High
Unreviewed
CVE-2022-46487
was published
Dec 30, 2023
The br_parse_ip_options function in net/bridge/br_netfilter.c in the Linux kernel before 2.6.39...
High
Unreviewed
CVE-2011-4087
was published
May 13, 2022
An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID...
High
Unreviewed
CVE-2022-46505
was published
Jan 18, 2023
A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might...
High
Unreviewed
CVE-2023-1513
was published
Mar 23, 2023
Some smartphones have data initialization issues. Successful exploitation of this vulnerability...
High
Unreviewed
CVE-2022-48352
was published
Mar 28, 2023
A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3. A remote...
High
Unreviewed
CVE-2023-27934
was published
May 8, 2023
ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default...
High
Unreviewed
CVE-2024-22064
was published
May 14, 2024
The fetch(3) library uses environment variables for passing certain information, including the...
High
Unreviewed
CVE-2024-45289
was published
Nov 12, 2024
An “uninitialized variable” code execution vulnerability exists in the
Rockwell Automation...
High
Unreviewed
CVE-2024-11158
was published
Dec 5, 2024
Windows Installer Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2021-1661
was published
May 24, 2022
When the isula load command is used to load malicious images, attackers can execute arbitrary...
High
Unreviewed
CVE-2021-33636
was published
Oct 29, 2023
When malicious images are pulled by isula pull, attackers can execute arbitrary code.
High
Unreviewed
CVE-2021-33635
was published
Oct 29, 2023
Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an...
High
Unreviewed
CVE-2023-28737
was published
Nov 14, 2023
ProTip!
Advisories are also available from the
GraphQL API