GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
15 advisories
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6:...
Critical | Unreviewed | CVE-2024-47685 was published Oct 21, 2024
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This...
Critical | Unreviewed | CVE-2026-4716 was published Mar 24, 2026
Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox <...
Critical | Unreviewed | CVE-2026-4715 was published Mar 24, 2026
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148.
Critical | Unreviewed | CVE-2026-2806 was published Feb 24, 2026
Insufficient input validation leading to memory overread on the NetScaler Management Interface...
Critical | Unreviewed | CVE-2025-5777 was published Jun 17, 2025
HDF5 Library through 1.14.3 may use an uninitialized value in H5A__attr_release_table in H5Aint.c.
Critical | Unreviewed | CVE-2024-32611 was published May 14, 2024
** DISPUTED ** A vulnerability was found in ewxrjk sftpserver. It has been declared as...
Critical | Unreviewed | CVE-2020-36617 was published Dec 18, 2022
A latent vulnerability exists in the Prio library where data may be read from uninitialized...
Critical | Unreviewed | CVE-2019-9805 was published May 24, 2022
An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC...
Critical | Unreviewed | CVE-2022-21217 was published Jan 29, 2022
When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will...
Critical | Unreviewed | CVE-2021-40418 was published Dec 23, 2021
A certain crafted HTTP packet can trigger an uninitialized function pointer dereference...
Critical | Unreviewed | CVE-2019-0006 was published May 13, 2022
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3...
Critical | Unreviewed | CVE-2019-9641 was published May 13, 2022
The RISC-V Instruction Set Manual contains a documented ambiguity for the Machine Trap Vector...
Critical | Unreviewed | CVE-2021-1104 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. An uninitialized variable is used in function...
Critical | Unreviewed | CVE-2018-25014 was published May 24, 2022
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS...
Critical | Unreviewed | CVE-2021-1619 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.