Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

140 advisories

Loading
Improper resource management in firmware of some Solidigm DC Products may allow an attacker with... Moderate Unreviewed
CVE-2025-12902 was published Nov 7, 2025
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable:... Moderate Unreviewed
CVE-2024-45018 was published Sep 11, 2024
In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF... Moderate Unreviewed
CVE-2024-44947 was published Sep 2, 2024
Improper initialization in firmware for some Intel(R) CSME may allow a privileged user to... Moderate Unreviewed
CVE-2023-48361 was published Aug 14, 2024
Improper initialization in UEFI firmware OutOfBandXML module in some Intel(R) Processors may... Moderate Unreviewed
CVE-2024-31157 was published Feb 13, 2025
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input... Moderate Unreviewed
CVE-2022-1122 was published Mar 30, 2022
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: clean up... Moderate Unreviewed
CVE-2025-21906 was published Apr 1, 2025
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and... Moderate Unreviewed
CVE-2013-1675 was published May 17, 2022
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix... Moderate Unreviewed
CVE-2024-38558 was published Jun 19, 2024
AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by... Moderate Unreviewed
CVE-2025-22834 was published Aug 12, 2025
In fvp_freq_histogram_init of fvp.c, there is a possible Information Disclosure due to... Moderate Unreviewed
CVE-2024-32916 was published Jun 13, 2024
In plugin_ipc_handler of slc_plugin.c, there is a possible information disclosure due to... Moderate Unreviewed
CVE-2024-32930 was published Jun 13, 2024
Improper initialization of variables in the DXE driver may allow a privileged user to leak... Moderate Unreviewed
CVE-2023-20597 was published Sep 20, 2023
Improper initialization of variables in the DXE driver may allow a privileged user to leak... Moderate Unreviewed
CVE-2023-20594 was published Sep 20, 2023
The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39... Moderate Unreviewed
CVE-2025-5702 was published Jun 5, 2025
The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40... Moderate Unreviewed
CVE-2025-5745 was published Jun 5, 2025
An information disclosure vulnerability exists when the Windows kernel improperly initializes... Moderate Unreviewed
CVE-2019-1039 was published May 24, 2022
Improper initialization in the UEFI firmware for the Intel(R) Server D50DNP and M50FCP boards may... Moderate Unreviewed
CVE-2025-21100 was published May 13, 2025
Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before... Moderate Unreviewed
CVE-2021-33130 was published May 13, 2022
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user... Moderate Unreviewed
CVE-2021-0125 was published Feb 11, 2022
Improper initialization of shared resources in some Intel(R) Processors may allow an... Moderate Unreviewed
CVE-2021-0145 was published Feb 11, 2022
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user... Moderate Unreviewed
CVE-2021-0119 was published Feb 11, 2022
Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the... Moderate Unreviewed
CVE-2017-15897 was published May 14, 2022
The daemon in P3Scan 3.0_rc1 and earlier creates a p3scan.pid file after dropping privileges to a... Moderate Unreviewed
CVE-2017-14681 was published May 13, 2022
WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt:... Moderate Unreviewed
CVE-2023-27115 was published Mar 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database