Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

65 advisories

Loading
vLLM makes Use of Uninitialized Resource Low
CVE-2026-7141 was published for vllm (pip) Apr 27, 2026
OpenEXR: Heap information disclosure in PXR24 decompression via unchecked decompressed size (undo_pxr24_impl) High
CVE-2026-34543 was published for openexr (pip) Apr 3, 2026
n8n has In-Process Memory Disclosure in its Task Runner High
CVE-2026-27496 was published for n8n (npm) Mar 25, 2026
c0rydoras Credited to c0rydoras
Uninitialized Variable in fastecdsa High
CVE-2024-21502 was published for fastecdsa (pip) Feb 24, 2024
Helm's Missing YAML Content Leads To Panic High
CVE-2024-26147 was published for helm.sh/helm/v3 (Go) Feb 22, 2024
jake-ciolek Credited to jake-ciolek
Direct Ring Buffer has uninitialized memory exposure in create_ring_buffer Low
GHSA-fp5x-7m4q-449f was published for direct_ring_buffer (Rust) Oct 21, 2025
FUSE-Rust: Uninitalized memory read and leak caused by fuser crate High
GHSA-cvmj-47v9-35m9 was published for fuser (Rust) Sep 15, 2025
Helm May Panic Due To Incorrect YAML Content Moderate
CVE-2025-55198 was published for helm.sh/helm/v3 (Go) Aug 14, 2025
jake-ciolek Credited to jake-ciolek
static-alloc vulnerability leads to uninitialized read after allocating MemBump Low
GHSA-xrrq-rrgq-h89w was published for static-alloc (Rust) Jul 11, 2025
Phusion Passenger denial of service Moderate
CVE-2025-26803 was published for passenger (RubyGems) Feb 24, 2025
Potential memory exposure in dns-packet High
CVE-2021-23386 was published for dns-packet (npm) May 24, 2021
Uninitialized variable access in Tensorflow High
CVE-2022-23573 was published for tensorflow (pip) Feb 9, 2022
A use of uninitialized value vulnerability in Tensorflow Moderate
CVE-2021-41225 was published for tensorflow (pip) Nov 10, 2021
Use of unitialized value in TFLite Moderate
CVE-2021-37682 was published for tensorflow (pip) Aug 25, 2021
Segfault in `CTCBeamSearchDecoder` Low
CVE-2021-29581 was published for tensorflow (pip) May 21, 2021
Undefined behavior and `CHECK`-fail in `FractionalMaxPoolGrad` Low
CVE-2021-29580 was published for tensorflow (pip) May 21, 2021
Heap out of bounds access in MakeEdge in TensorFlow Moderate
CVE-2020-26271 was published for tensorflow (pip) Dec 10, 2020
Memory corruption in Tensorflow High
CVE-2020-15193 was published for tensorflow (pip) Sep 25, 2020
Uninitialized memory access in TensorFlow Moderate
CVE-2020-26266 was published for tensorflow (pip) Dec 10, 2020
crayon: ObjectPool creates uninitialized memory when freeing objects High
GHSA-xfhw-6mc4-mgxf was published for crayon (Rust) Apr 5, 2024
Use of Uninitialized Resource in smallvec High
CVE-2018-25023 was published for smallvec (Rust) Jan 6, 2022
tdunlap607 Credited to tdunlap607
Uncontrolled Resource Consumption in @discordjs/opus High
CVE-2022-25345 was published for @discordjs/opus (npm) Jun 18, 2022
DEVTomatoCake Credited to DEVTomatoCake and vladfrangu vladfrangu vladfrangu
Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability High
CVE-2019-18197 was published for nokogiri (RubyGems) May 24, 2022
Use of Uninitialized Resource in gfx-auxil Critical
CVE-2021-45689 was published for gfx-auxil (Rust) Jan 6, 2022
Uninitialized memory access in toodee High
CVE-2021-28029 was published for toodee (Rust) Sep 1, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database