GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
222 advisories
Filter by severity
There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed...
Moderate
Unreviewed
CVE-2022-22901
was published
Feb 18, 2022
There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of...
Moderate
Unreviewed
CVE-2021-45861
was published
Mar 3, 2022
A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an...
Moderate
Unreviewed
CVE-2019-13223
was published
May 24, 2022
The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11...
Moderate
Unreviewed
CVE-2017-12168
was published
May 13, 2022
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at...
Moderate
Unreviewed
CVE-2022-2520
was published
Sep 1, 2022
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is...
Moderate
Unreviewed
CVE-2015-8745
was published
May 13, 2022
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion...
Moderate
Unreviewed
CVE-2019-13113
was published
May 24, 2022
DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
Moderate
Unreviewed
CVE-2019-14382
was published
May 24, 2022
J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
Moderate
Unreviewed
CVE-2019-14383
was published
May 24, 2022
`CHECK` fail via inputs in `SdcaOptimizer`
Moderate
CVE-2022-41899
was published
for
tensorflow
(pip)
Nov 21, 2022
`CHECK_EQ` fail via input in `SparseMatrixNNZ`
Moderate
CVE-2022-41901
was published
for
tensorflow
(pip)
Nov 21, 2022
Incomplete validation in signal ops leads to crashes in TensorFlow
Moderate
CVE-2022-29213
was published
for
tensorflow
(pip)
May 24, 2022
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a...
Moderate
Unreviewed
CVE-2021-3531
was published
May 24, 2022
cordova-plugin-fingerprint-aio DoS vulnerability
Moderate
CVE-2021-43849
was published
for
cordova-plugin-fingerprint-aio
(npm)
Nov 2, 2023
malformed proposed intoto entries can cause a panic
Moderate
CVE-2023-33199
was published
for
github.com/sigstore/rekor
(Go)
May 26, 2023
A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.
Moderate
Unreviewed
CVE-2023-38471
was published
Nov 2, 2023
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse()...
Moderate
Unreviewed
CVE-2023-38472
was published
Nov 2, 2023
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label()...
Moderate
Unreviewed
CVE-2023-38470
was published
Nov 2, 2023
A vulnerability was found in Avahi, where a reachable assertion exists in...
Moderate
Unreviewed
CVE-2023-38469
was published
Nov 2, 2023
A vulnerability was found in Avahi. A reachable assertion exists in the...
Moderate
Unreviewed
CVE-2023-38473
was published
Nov 2, 2023
An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of...
Moderate
Unreviewed
CVE-2022-37051
was published
Aug 22, 2023
An authorized user may trigger an invariant which may result in denial of service or server exit...
Moderate
Unreviewed
CVE-2021-32037
was published
May 24, 2022
KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG...
Moderate
Unreviewed
CVE-2006-6811
was published
May 1, 2022
OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via...
Moderate
Unreviewed
CVE-2006-5779
was published
May 1, 2022
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of...
Moderate
Unreviewed
CVE-2006-4095
was published
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API