Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

195 advisories

Loading
Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer... High Unreviewed
CVE-2018-1000099 was published May 13, 2022
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1... Moderate Unreviewed
CVE-2018-0894 was published May 13, 2022
In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities... Moderate Unreviewed
CVE-2018-7515 was published May 13, 2022
An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in... High Unreviewed
CVE-2018-3842 was published May 13, 2022
An exploitable uninitialized pointer vulnerability exists in the Office Open XML parser of... High Unreviewed
CVE-2018-4001 was published May 13, 2022
An exploitable uninitialized pointer vulnerability exists in the rich text format parser of... High Unreviewed
CVE-2018-4040 was published May 13, 2022
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012... High Unreviewed
CVE-2022-27794 was published May 12, 2022
The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS... Critical Unreviewed
CVE-2018-11743 was published May 7, 2022
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1... Moderate Unreviewed
CVE-2009-1721 was published May 2, 2022
lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA... Moderate Unreviewed
CVE-2009-1415 was published May 2, 2022
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime... High Unreviewed
CVE-2009-0846 was published May 2, 2022
CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service ... Moderate Unreviewed
CVE-2007-4682 was published May 1, 2022
EnterpriseDB Advanced Server 8.2 does not properly handle certain debugging function calls that... Moderate Unreviewed
CVE-2007-4639 was published May 1, 2022
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos... High Unreviewed
CVE-2007-4000 was published May 1, 2022
The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges... High Unreviewed
CVE-2007-1213 was published May 1, 2022
The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos... High Unreviewed
CVE-2006-6143 was published May 1, 2022
The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE... High Unreviewed
CVE-2006-4175 was published May 1, 2022
ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when... Moderate Unreviewed
CVE-2003-1201 was published Apr 29, 2022
An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS... High Unreviewed
CVE-2022-22198 was published Apr 15, 2022
The affected product is vulnerable due to an invalid pointer initialization, which may lead to... Moderate Unreviewed
CVE-2022-21168 was published Apr 13, 2022
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input... Moderate Unreviewed
CVE-2022-1122 was published Mar 30, 2022
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior... Moderate Unreviewed
CVE-2021-3608 was published Feb 25, 2022
Invalid drop of partially-initialized instances in the pooling instance allocator for modules with defined `externref` globals Moderate
CVE-2022-23636 was published for wasmtime (Rust) Feb 16, 2022
peterhuene
Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021... Moderate Unreviewed
CVE-2022-21156 was published Feb 11, 2022
NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlow Critical
GHSA-h6gw-r52c-724r was published for tensorflow (pip) Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API