Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

549 advisories

Loading
A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate... High Unreviewed
CVE-2023-4236 was published Sep 20, 2023
cordova-plugin-fingerprint-aio DoS vulnerability Moderate
CVE-2021-43849 was published for cordova-plugin-fingerprint-aio (npm) Nov 2, 2023
0xWise64
Credited to 0xWise64
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a... Moderate Unreviewed
CVE-2021-3531 was published May 24, 2022
Incomplete validation in signal ops leads to crashes in TensorFlow Moderate
CVE-2022-29213 was published for tensorflow (pip) May 24, 2022
`CHECK_EQ` fail via input in `SparseMatrixNNZ` Moderate
CVE-2022-41901 was published for tensorflow (pip) Nov 21, 2022
`CHECK` fail via inputs in `SdcaOptimizer` Moderate
CVE-2022-41899 was published for tensorflow (pip) Nov 21, 2022
Arithmetic overflow can happen while processing NOA IE due to improper error handling in... High Unreviewed
CVE-2020-11296 was published May 24, 2022
An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.20. It allows... High Unreviewed
CVE-2022-47516 was published Dec 18, 2022
Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature... High Unreviewed
CVE-2021-38385 was published May 24, 2022
Possible denial of service due to improper validation of DNS response when DNS client requests... High Unreviewed
CVE-2021-30307 was published Jan 14, 2022
Possible assertion due to improper size validation while processing the DownlinkPreemption IE in... High Unreviewed
CVE-2021-30326 was published Feb 12, 2022
Improper validation of function pointer type with actual function signature can lead to assertion... High Unreviewed
CVE-2021-30353 was published Jan 14, 2022
Possible assertion due to improper validation of symbols configured for PDCCH monitoring in... High Unreviewed
CVE-2021-30287 was published Jan 14, 2022
Transient DOS due to reachable assertion in Modem while processing SIB1 Message. High Unreviewed
CVE-2022-33254 was published Mar 10, 2023
Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM. High Unreviewed
CVE-2022-40527 was published Mar 10, 2023
Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message... High Unreviewed
CVE-2022-33250 was published Mar 10, 2023
Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout High Unreviewed
CVE-2022-33244 was published Mar 10, 2023
Transient DOS in modem due to reachable assertion. High Unreviewed
CVE-2022-33272 was published Mar 10, 2023
J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. Moderate Unreviewed
CVE-2019-14383 was published May 24, 2022
DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. Moderate Unreviewed
CVE-2019-14382 was published May 24, 2022
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion... Moderate Unreviewed
CVE-2019-13113 was published May 24, 2022
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is... Moderate Unreviewed
CVE-2015-8745 was published May 13, 2022
An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD)... High Unreviewed
CVE-2017-7539 was published May 13, 2022
There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1... High Unreviewed
CVE-2021-36409 was published Jan 12, 2022
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at... Moderate Unreviewed
CVE-2022-2520 was published Sep 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database