GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,001
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
130 advisories
Filter by severity
Kubernetes Nil pointer dereference in KCM after v1 HPA patch request
High
CVE-2024-0793
was published
for
k8s.io/kubernetes
(Go)
Nov 17, 2024
openssl's `MemBio::get_buf` has undefined behavior with empty buffers
Moderate
GHSA-q445-7m23-qrmw
was published
for
openssl
(Rust)
Jul 22, 2024
PingCAP TiDB nil pointer dereference
Moderate
CVE-2024-37820
was published
for
github.com/pingcap/tidb
(Go)
Jun 25, 2024
ws affected by a DoS when handling a request with many HTTP headers
High
CVE-2024-37890
was published
for
ws
(npm)
Jun 17, 2024
KubeVirt NULL pointer dereference flaw
Moderate
CVE-2024-31420
was published
for
kubevirt.io/kubevirt
(Go)
Apr 3, 2024
LibOSDP vulnerable to a null pointer deref in osdp_reply_name
Moderate
CVE-2024-52296
was published
for
libosdp
(pip)
Mar 8, 2024
cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override
High
CVE-2024-26130
was published
for
cryptography
(pip)
Feb 21, 2024
Null pointer dereference in PKCS12 parsing
Moderate
CVE-2024-0727
was published
for
cryptography
(pip)
Jan 26, 2024
Parsing JSON serialized payload without protected field can lead to segfault
Moderate
CVE-2024-21664
was published
for
github.com/lestrrat-go/jwx
(Go)
Jan 9, 2024
PaddlePaddle nullptr dereference in paddle.crop
Moderate
CVE-2023-52312
was published
for
PaddlePaddle
(pip)
Jan 3, 2024
PaddlePaddle segfault in paddle.dot
Moderate
CVE-2023-38676
was published
for
PaddlePaddle
(pip)
Jan 3, 2024
PaddlePaddle null pointer dereference in paddle.nextafter
Moderate
CVE-2023-52302
was published
for
PaddlePaddle
(pip)
Jan 3, 2024
PaddlePaddle segfault in paddle.put_along_axis
Moderate
CVE-2023-52303
was published
for
paddlepaddle
(pip)
Jan 3, 2024
cryptography vulnerable to NULL-dereference when loading PKCS7 certificates
Moderate
CVE-2023-49083
was published
for
cryptography
(pip)
Nov 28, 2023
quic-go vulnerable to pointer dereference that can lead to panic
High
CVE-2023-46239
was published
for
github.com/quic-go/quic-go
(Go)
Oct 30, 2023
Remote Denial of Service Vulnerability in Microsoft.Native.Quic.MsQuic.Schannel
High
CVE-2023-38171
was published
for
Microsoft.Native.Quic.MsQuic.OpenSSL
(NuGet)
Oct 10, 2023
Null pointer dereference in PaddlePaddle
Moderate
CVE-2023-38670
was published
for
paddlepaddle
(pip)
Jul 26, 2023
`openssl` `X509Extension::new` and `X509Extension::new_nid` null pointer dereference
High
GHSA-6hcf-g6gr-hhcr
was published
for
openssl
(Rust)
Mar 24, 2023
TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`
High
CVE-2023-25660
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Null Pointer Error in TensorArrayConcatV2
High
CVE-2023-25663
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Null Pointer Error in SparseSparseMaximum
High
CVE-2023-25665
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Null Pointer Error in QuantizedMatMulWithBiasAndDequantize
High
CVE-2023-25670
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Null Pointer Error in LookupTableImportV2
High
CVE-2023-25672
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has Null Pointer Error in RandomShuffle with XLA enable
High
CVE-2023-25674
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow has null dereference on ParallelConcat with XLA
High
CVE-2023-25676
was published
for
tensorflow
(pip)
Mar 24, 2023
ProTip!
Advisories are also available from the
GraphQL API