Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

263 advisories

Loading
A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the... Critical Unreviewed
CVE-2022-0947 was published May 11, 2022
Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string... Moderate Unreviewed
CVE-2012-0012 was published May 4, 2022
The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10... High Unreviewed
CVE-2008-3637 was published May 2, 2022
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which... High Unreviewed
CVE-2008-0062 was published May 1, 2022
The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or... High Unreviewed
CVE-2007-3749 was published May 1, 2022
prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP... Moderate Unreviewed
CVE-2001-1471 was published Apr 30, 2022
Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until... High Unreviewed
CVE-1999-0993 was published Apr 30, 2022
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco... Moderate Unreviewed
CVE-2022-20661 was published Apr 16, 2022
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco... High Unreviewed
CVE-2022-20731 was published Apr 16, 2022
Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices,... Moderate Unreviewed
CVE-2022-22186 was published Apr 15, 2022
A improper initialization in Fortinet FortiClient (Windows) version 6.0.10 and below, version 6.2... High Unreviewed
CVE-2021-44169 was published Apr 7, 2022
A memory initialization issue was addressed with improved memory handling. This issue is fixed in... High Unreviewed
CVE-2022-22657 was published Mar 19, 2022
A carefully crafted request body can cause a read to a random memory area which could cause the... High Unreviewed
CVE-2022-22719 was published Mar 15, 2022
TPM 1.2 key authorization values vulnerable to TPM transport eavesdropper in go-tpm High
CVE-2020-8918 was published for github.com/google/go-tpm (Go) Feb 11, 2022
chrisfenner
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user... Moderate Unreviewed
CVE-2021-0125 was published Feb 11, 2022
Improper initialization of shared resources in some Intel(R) Processors may allow an... Moderate Unreviewed
CVE-2021-0145 was published Feb 11, 2022
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user... Moderate Unreviewed
CVE-2021-0119 was published Feb 11, 2022
A CWE-665: Improper Initialization vulnerability exists that could cause information exposure... High Unreviewed
CVE-2022-24316 was published Feb 11, 2022
Improper Initialization in OpenZeppelin High
CVE-2021-46320 was published for @openzeppelin/contracts (npm) Feb 5, 2022
pgjdbc Does Not Check Class Instantiation when providing Plugin Classes High
CVE-2022-21724 was published for org.postgresql:postgresql (Maven) Feb 2, 2022
iSafeBlue
An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit... Moderate Unreviewed
CVE-2022-22164 was published Jan 20, 2022
An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks... Moderate Unreviewed
CVE-2022-22169 was published Jan 20, 2022
Improper initialization vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.16 and... High Unreviewed
CVE-2021-20613 was published Jan 15, 2022
Improper Initialization in Pillow Moderate
CVE-2022-22815 was published for Pillow (pip) Jan 12, 2022
sunSUNQ
nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local... Moderate Unreviewed
CVE-2021-46283 was published Jan 12, 2022
ProTip! Advisories are also available from the GraphQL API