Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

471 advisories

Loading
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17.... Moderate Unreviewed
CVE-2018-20217 was published May 13, 2022
"deny-answer-aliases" is a little-used feature intended to help recursive server operators... High Unreviewed
CVE-2018-5740 was published May 13, 2022
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and... High Unreviewed
CVE-2021-27498 was published May 13, 2022
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and... High Unreviewed
CVE-2021-27500 was published May 13, 2022
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel... Moderate Unreviewed
CVE-2022-29977 was published May 12, 2022
In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed... High Unreviewed
CVE-2022-29339 was published May 6, 2022
KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG... Moderate Unreviewed
CVE-2006-6811 was published May 1, 2022
oftpd before 0.3.7 allows remote attackers to cause a denial of service (daemon abort) via a (1)... High Unreviewed
CVE-2006-6767 was published May 1, 2022
OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via... Moderate Unreviewed
CVE-2006-5779 was published May 1, 2022
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of... Moderate Unreviewed
CVE-2006-4095 was published May 1, 2022
quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal Moderate Unreviewed
CVE-2012-5521 was published Apr 23, 2022
Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT... High Unreviewed
CVE-2011-3596 was published Apr 22, 2022
An authenticated user may trigger an invariant assertion during command dispatch due to incorrect... Moderate Unreviewed
CVE-2022-24272 was published Apr 22, 2022
A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of... High Unreviewed
CVE-2022-20694 was published Apr 16, 2022
There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos ==... High Unreviewed
CVE-2022-27448 was published Apr 15, 2022
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component... High Unreviewed
CVE-2022-27382 was published Apr 13, 2022
Possible assertion due to improper validation of invalid NR CSI-IM resource configuration in... High Unreviewed
CVE-2021-30328 was published Apr 2, 2022
Possible assertion due to improper validation of TCI configuration in Snapdragon Auto, Snapdragon... High Unreviewed
CVE-2021-30329 was published Apr 2, 2022
Possible assertion due to improper validation of OTA configuration in Snapdragon Auto, Snapdragon... High Unreviewed
CVE-2021-30332 was published Apr 2, 2022
stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a... Moderate Unreviewed
CVE-2022-27938 was published Mar 27, 2022
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. Moderate Unreviewed
CVE-2022-27939 was published Mar 27, 2022
Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific... High Unreviewed
CVE-2022-0635 was published Mar 24, 2022
When the vulnerability is triggered the BIND process will exit. BIND 9.18.0 High Unreviewed
CVE-2022-0667 was published Mar 23, 2022
tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in... Moderate Unreviewed
CVE-2022-25484 was published Mar 23, 2022
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via... Moderate Unreviewed
CVE-2022-0865 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database