Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,518
Maven
5,000+
npm
5,000+
NuGet
911
pip
4,758
Pub
13
RubyGems
1,036
Rust
1,228
Swift
53
Unreviewed advisories
All unreviewed
5,000+

104 advisories

Loading
Uninitialized Use in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker... Moderate Unreviewed
CVE-2026-5888 was published Apr 9, 2026
OpenEXR Makes Use of Uninitialized Memory Low
CVE-2025-64181 was published for OpenEXR (pip) Apr 6, 2026
Kaldreic Credited to Kaldreic
An authenticated user with the read role may read limited amounts of uninitialized stack memory... High Unreviewed
CVE-2026-4147 was published Mar 17, 2026
A vulnerability with the Ethernet VPN (EVPN) Layer 2 ingress packet processing of Cisco Nexus... High Unreviewed
CVE-2026-20051 was published Feb 25, 2026
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148. Critical Unreviewed
CVE-2026-2806 was published Feb 24, 2026
A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in... High Unreviewed
CVE-2026-1333 was published Feb 16, 2026
A use of uninitialized variable vulnerability has been reported to affect several QNAP operating... Low Unreviewed
CVE-2025-58466 was published Feb 11, 2026
Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow... Moderate Unreviewed
CVE-2025-29952 was published Feb 10, 2026
Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor... Moderate Unreviewed
CVE-2025-32467 was published Feb 10, 2026
Panda3D versions up to and including 1.10.16 deploy-stub contains a denial of service... Moderate Unreviewed
CVE-2026-22188 was published Jan 7, 2026
Memory corruption while processing identity credential operations in the trusted application. High Unreviewed
CVE-2025-47348 was published Jan 7, 2026
In display, there is a possible memory corruption due to uninitialized data. This could lead to... Moderate Unreviewed
CVE-2025-20784 was published Jan 6, 2026
A Use of Uninitialized Variable vulnerability exists in Open Design Alliance Drawings SDK static... High Unreviewed
CVE-2025-10021 was published Dec 22, 2025
In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible memory corruption due to... High Unreviewed
CVE-2025-36935 was published Dec 11, 2025
In display, there is a possible memory corruption due to improper input validation. This could... High Unreviewed
CVE-2025-20766 was published Dec 2, 2025
In display, there is a possible escalation of privilege due to improper input validation. This... Moderate Unreviewed
CVE-2025-20771 was published Dec 2, 2025
When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic... High Unreviewed
CVE-2025-58071 was published Oct 15, 2025
Ashlar-Vellum Graphite VC6 File Parsing Uninitialized Variable Remote Code Execution... High Unreviewed
CVE-2025-7978 was published Sep 17, 2025
Ashlar-Vellum Graphite VC6 File Parsing Uninitialized Variable Remote Code Execution... High Unreviewed
CVE-2025-7981 was published Sep 17, 2025
Ashlar-Vellum Cobalt AR File Parsing Uninitialized Variable Remote Code Execution Vulnerability.... High Unreviewed
CVE-2025-7984 was published Sep 17, 2025
Dragonfly incorrectly handles a task structure’s usedTrac field Moderate
CVE-2025-59348 was published for d7y.io/dragonfly/v2 (Go) Sep 17, 2025
gaius-qi Credited to gaius-qi
A Use of Uninitialized Variable vulnerability affecting the JT file reading procedure in... High Unreviewed
CVE-2025-9450 was published Sep 17, 2025
Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from... Low Unreviewed
CVE-2023-31326 was published Sep 6, 2025
In writeToParcel of CursorWindow.cpp, there is a possible out of bounds read due to uninitialized... Moderate Unreviewed
CVE-2025-26448 was published Sep 5, 2025
In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a... High Unreviewed
CVE-2025-0081 was published Aug 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database