GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
263 advisories
Filter by severity
Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an...
High
Unreviewed
CVE-2023-28737
was published
Nov 14, 2023
Improper Initialization in firmware for some Intel(R) Optane(TM) SSD products may allow an...
Moderate
Unreviewed
CVE-2023-27306
was published
Nov 14, 2023
Improper initialization for some Intel Unison software may allow an authenticated user to...
Low
Unreviewed
CVE-2022-45109
was published
Nov 14, 2023
Improper Initialization for some Intel Unison software may allow a privileged user to potentially...
Low
Unreviewed
CVE-2022-46301
was published
Nov 14, 2023
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker...
Moderate
Unreviewed
CVE-2023-5078
was published
Nov 9, 2023
Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows...
High
Unreviewed
CVE-2023-1719
was published
Nov 1, 2023
When the isula cp command is used to copy files from a container to a host machine and the...
Moderate
Unreviewed
CVE-2021-33638
was published
Oct 29, 2023
When the isula export command is used to export a container to an image and the container is...
Moderate
Unreviewed
CVE-2021-33637
was published
Oct 29, 2023
When the isula load command is used to load malicious images, attackers can execute arbitrary...
High
Unreviewed
CVE-2021-33636
was published
Oct 29, 2023
When malicious images are pulled by isula pull, attackers can execute arbitrary code.
High
Unreviewed
CVE-2021-33635
was published
Oct 29, 2023
iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause DOS.
Moderate
Unreviewed
CVE-2021-33634
was published
Oct 29, 2023
On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized....
Moderate
Unreviewed
CVE-2023-5370
was published
Oct 4, 2023
Improper initialization of variables in the DXE driver may allow a privileged user to leak...
Moderate
Unreviewed
CVE-2023-20594
was published
Sep 20, 2023
Improper initialization of variables in the DXE driver may allow a privileged user to leak...
Moderate
Unreviewed
CVE-2023-20597
was published
Sep 20, 2023
In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL)...
High
Unreviewed
CVE-2023-40596
was published
Aug 30, 2023
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond ...
High
Unreviewed
CVE-2020-35342
was published
Aug 22, 2023
Jenkins Gogs Plugin vulnerable to unsafe default behavior and information disclosure
Moderate
CVE-2023-40349
was published
for
org.jenkins-ci.plugins:gogs-webhook
(Maven)
Aug 16, 2023
Improper initialization in BIOS firmware for some Intel(R) NUCs may allow a privileged user to...
Moderate
Unreviewed
CVE-2023-27887
was published
Aug 11, 2023
Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged...
Moderate
Unreviewed
CVE-2022-38083
was published
Aug 11, 2023
Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to...
Moderate
Unreviewed
CVE-2023-22356
was published
Aug 11, 2023
Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme...
Moderate
Unreviewed
CVE-2023-22444
was published
Aug 11, 2023
Allocation of Resources Without Limits or Throttling, Improper Initialization vulnerability in B...
Moderate
Unreviewed
CVE-2023-3242
was published
Jul 26, 2023
Vulnerability of signature verification in the iaware system being initialized later than the...
Moderate
Unreviewed
CVE-2022-48518
was published
Jul 6, 2023
Improper initialization for some Intel(R) NUC BIOS firmware may allow a privileged user to...
Moderate
Unreviewed
CVE-2022-31477
was published
May 10, 2023
A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3. A remote...
High
Unreviewed
CVE-2023-27934
was published
May 8, 2023
ProTip!
Advisories are also available from the
GraphQL API