GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
13 advisories
NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlow
Severity: Critical. GHSA-h6gw-r52c-724r was published for tensorflow (pip) on Feb 9, 2022.
Access of Uninitialized Pointer in linked-hash-map
Severity: Critical. CVE-2020-25573 was published for linked-hash-map (Rust) on Aug 25, 2021.
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS...
Severity: Critical (Unreviewed). CVE-2021-1619 was published on May 24, 2022.
Uninitialized pointers accessed during music play back with incorrect bit stream due to an...
Severity: Critical (Unreviewed). CVE-2020-11138 was published on May 24, 2022.
An issue was discovered in SKALE sgxwallet 1.58.3. The provided input for ECALL 14 triggers a...
Severity: Critical (Unreviewed). CVE-2021-36219 was published on May 24, 2022.
The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS...
Severity: Critical (Unreviewed). CVE-2018-11743 was published on May 7, 2022.
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in...
Severity: Critical (Unreviewed). CVE-2018-17141 was published on May 13, 2022.
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a...
Severity: Critical (Unreviewed). CVE-2018-14356 was published on May 13, 2022.
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an...
Severity: Critical (Unreviewed). CVE-2018-19857 was published on May 14, 2022.
A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT version...
Severity: Critical (Unreviewed). CVE-2017-12561 was published on May 14, 2022.
** DISPUTED ** A vulnerability was found in ewxrjk sftpserver. It has been declared as...
Severity: Critical (Unreviewed). CVE-2020-36617 was published on Dec 18, 2022.
Asyncpg Arbitrary Code Execution Via Access to an Uninitialized Pointer
Severity: Critical. CVE-2020-17446 was published for asyncpg (pip) on Apr 20, 2021.
Incomplete validation in boosted trees code
Severity: Critical. CVE-2021-41208 was published for tensorflow (pip) on Nov 10, 2021.