Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,829
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

64 advisories

Loading
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an... High Unreviewed
CVE-2023-6324 was published May 15, 2024
HDF5 Library through 1.14.3 may use an uninitialized value in H5A__attr_release_table in H5Aint.c. Critical Unreviewed
CVE-2024-32611 was published May 14, 2024
Foxit PDF Reader Annotation Use of Uninitialized Variable Information Disclosure Vulnerability.... Low Unreviewed
CVE-2021-34951 was published May 8, 2024
Foxit PDF Reader Annotation Use of Uninitialized Variable Remote Code Execution Vulnerability.... High Unreviewed
CVE-2021-34953 was published May 8, 2024
LIEF obtain sensitive information via the name parameter Low
CVE-2024-31636 was published for lief (pip) May 3, 2024
Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution... High Unreviewed
CVE-2023-50188 was published May 3, 2024
PDF-XChange Editor U3D File Parsing Uninitialized Variable Information Disclosure Vulnerability.... Low Unreviewed
CVE-2023-42056 was published May 3, 2024
PDF-XChange Editor U3D File Parsing Uninitialized Variable Remote Code Execution Vulnerability.... High Unreviewed
CVE-2023-42062 was published May 3, 2024
PDF-XChange Editor J2K File Parsing Uninitialized Variable Information Disclosure Vulnerability.... Low Unreviewed
CVE-2023-42079 was published May 3, 2024
PDF-XChange Editor J2K File Parsing Uninitialized Variable Information Disclosure Vulnerability.... Low Unreviewed
CVE-2023-42048 was published May 3, 2024
PDF-XChange Editor J2K File Parsing Uninitialized Variable Information Disclosure Vulnerability.... Low Unreviewed
CVE-2023-42046 was published May 3, 2024
PDF-XChange Editor PDF File Parsing Uninitialized Variable Information Disclosure Vulnerability.... Low Unreviewed
CVE-2023-39484 was published May 3, 2024
Kofax Power PDF printf Uninitialized Variable Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-38088 was published May 3, 2024
Ashlar-Vellum Cobalt Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2023-34310 was published May 3, 2024
An uninitialized memory use vulnerability exists in Tinyproxy 1.11.1 while parsing HTTP requests.... Moderate Unreviewed
CVE-2023-40533 was published May 1, 2024
In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left... Moderate Unreviewed
CVE-2024-32625 was published Apr 16, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 uses uninitialized variables when... Moderate Unreviewed
CVE-2024-31874 was published Apr 10, 2024
Uninitialized Variable in fastecdsa High
CVE-2024-21502 was published for fastecdsa (pip) Feb 24, 2024
Helm's Missing YAML Content Leads To Panic High
CVE-2024-26147 was published for helm.sh/helm/v3 (Go) Feb 22, 2024
jake-ciolek
A maliciously crafted STP or SLDPRT file when ODXSW_DLL.dll parsed through Autodesk AutoCAD can... High Unreviewed
CVE-2024-23137 was published Feb 22, 2024
An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537... High Unreviewed
CVE-2023-31275 was published Nov 27, 2023
An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther... Moderate Unreviewed
CVE-2023-31192 was published Oct 12, 2023
Memory corruption due to buffer copy without checking size of input in Audio while voice call... Critical Unreviewed
CVE-2022-40510 was published Aug 8, 2023
Information disclosure in modem due to missing NULL check while reading packets received from... High Unreviewed
CVE-2022-25737 was published Apr 13, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-28317 was published Mar 29, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database