Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,298
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

223 advisories

Loading
KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG... Moderate Unreviewed
CVE-2006-6811 was published May 1, 2022
An authorized user may trigger an invariant which may result in denial of service or server exit... Moderate Unreviewed
CVE-2021-32037 was published May 24, 2022
An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of... Moderate Unreviewed
CVE-2022-37051 was published Aug 22, 2023
A vulnerability was found in Avahi. A reachable assertion exists in the... Moderate Unreviewed
CVE-2023-38473 was published Nov 2, 2023
A vulnerability was found in Avahi, where a reachable assertion exists in... Moderate Unreviewed
CVE-2023-38469 was published Nov 2, 2023
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse()... Moderate Unreviewed
CVE-2023-38472 was published Nov 2, 2023
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label()... Moderate Unreviewed
CVE-2023-38470 was published Nov 2, 2023
A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function. Moderate Unreviewed
CVE-2023-38471 was published Nov 2, 2023
malformed proposed intoto entries can cause a panic Moderate
CVE-2023-33199 was published for github.com/sigstore/rekor (Go) May 26, 2023
cordova-plugin-fingerprint-aio DoS vulnerability Moderate
CVE-2021-43849 was published for cordova-plugin-fingerprint-aio (npm) Nov 2, 2023
0xWise64
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a... Moderate Unreviewed
CVE-2021-3531 was published May 24, 2022
Incomplete validation in signal ops leads to crashes in TensorFlow Moderate
CVE-2022-29213 was published for tensorflow (pip) May 24, 2022
`CHECK_EQ` fail via input in `SparseMatrixNNZ` Moderate
CVE-2022-41901 was published for tensorflow (pip) Nov 21, 2022
`CHECK` fail via inputs in `SdcaOptimizer` Moderate
CVE-2022-41899 was published for tensorflow (pip) Nov 21, 2022
J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. Moderate Unreviewed
CVE-2019-14383 was published May 24, 2022
DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. Moderate Unreviewed
CVE-2019-14382 was published May 24, 2022
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion... Moderate Unreviewed
CVE-2019-13113 was published May 24, 2022
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is... Moderate Unreviewed
CVE-2015-8745 was published May 13, 2022
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at... Moderate Unreviewed
CVE-2022-2520 was published Sep 1, 2022
The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11... Moderate Unreviewed
CVE-2017-12168 was published May 13, 2022
A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an... Moderate Unreviewed
CVE-2019-13223 was published May 24, 2022
There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of... Moderate Unreviewed
CVE-2021-45861 was published Mar 3, 2022
There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed... Moderate Unreviewed
CVE-2022-22901 was published Feb 18, 2022
There is an Assertion 'v->d.lval != v' failed at src/jsiValue.c in Jsish v3.5.0. Moderate Unreviewed
CVE-2021-46506 was published Jan 28, 2022
There is an Assertion `mjs_stack_size(&mjs->scopes) > 0' failed at src/mjs_exec.c in Cesanta MJS... Moderate Unreviewed
CVE-2021-46517 was published Jan 28, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database