GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
432 advisories
Filter by severity
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse()...
Moderate
Unreviewed
CVE-2023-38472
was published
Nov 2, 2023
A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.
Moderate
Unreviewed
CVE-2023-38471
was published
Nov 2, 2023
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label()...
Moderate
Unreviewed
CVE-2023-38470
was published
Nov 2, 2023
malformed proposed intoto entries can cause a panic
Moderate
CVE-2023-33199
was published
for
github.com/sigstore/rekor
(Go)
May 26, 2023
A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate...
High
Unreviewed
CVE-2023-4236
was published
Sep 20, 2023
cordova-plugin-fingerprint-aio DoS vulnerability
Moderate
CVE-2021-43849
was published
for
cordova-plugin-fingerprint-aio
(npm)
Nov 2, 2023
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a...
Moderate
Unreviewed
CVE-2021-3531
was published
May 24, 2022
Incomplete validation in signal ops leads to crashes in TensorFlow
Moderate
CVE-2022-29213
was published
for
tensorflow
(pip)
May 24, 2022
`CHECK_EQ` fail via input in `SparseMatrixNNZ`
Moderate
CVE-2022-41901
was published
for
tensorflow
(pip)
Nov 21, 2022
`CHECK` fail via inputs in `SdcaOptimizer`
Moderate
CVE-2022-41899
was published
for
tensorflow
(pip)
Nov 21, 2022
Arithmetic overflow can happen while processing NOA IE due to improper error handling in...
High
Unreviewed
CVE-2020-11296
was published
May 24, 2022
An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.20. It allows...
High
Unreviewed
CVE-2022-47516
was published
Dec 18, 2022
An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of...
High
Unreviewed
CVE-2023-27783
was published
Mar 16, 2023
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the...
High
Unreviewed
CVE-2023-27789
was published
Mar 16, 2023
An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via...
High
Unreviewed
CVE-2023-27788
was published
Mar 16, 2023
Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature...
High
Unreviewed
CVE-2021-38385
was published
May 24, 2022
Possible denial of service due to improper validation of DNS response when DNS client requests...
High
Unreviewed
CVE-2021-30307
was published
Jan 14, 2022
Possible assertion due to improper size validation while processing the DownlinkPreemption IE in...
High
Unreviewed
CVE-2021-30326
was published
Feb 12, 2022
Improper validation of function pointer type with actual function signature can lead to assertion...
High
Unreviewed
CVE-2021-30353
was published
Jan 14, 2022
Possible assertion due to improper validation of symbols configured for PDCCH monitoring in...
High
Unreviewed
CVE-2021-30287
was published
Jan 14, 2022
Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.
High
Unreviewed
CVE-2022-40527
was published
Mar 10, 2023
Transient DOS due to reachable assertion in Modem while processing SIB1 Message.
High
Unreviewed
CVE-2022-33254
was published
Mar 10, 2023
Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message...
High
Unreviewed
CVE-2022-33250
was published
Mar 10, 2023
Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout
High
Unreviewed
CVE-2022-33244
was published
Mar 10, 2023
Transient DOS in modem due to reachable assertion.
High
Unreviewed
CVE-2022-33272
was published
Mar 10, 2023
ProTip!
Advisories are also available from the
GraphQL API