Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

201 advisories

Loading
xml-rs vulnerable to denial of service via invalid token in XML document High
CVE-2023-34411 was published for xml-rs (Rust) Jun 5, 2023
00xc
rPGP Panics on Malformed Untrusted Input High
CVE-2024-53856 was published for pgp (Rust) Dec 5, 2024
invd hko-s
dignifiedquire link2xt
Open62541 v1.4.6 is has an assertion failure in fuzz_binary_decode, which leads to a crash. High Unreviewed
CVE-2024-53429 was published Dec 3, 2024
Crash when type cannot be specialized in Tensorflow High
CVE-2022-23572 was published for tensorflow (pip) Feb 9, 2022
Reachable Assertion in Tensorflow High
CVE-2022-23571 was published for tensorflow (pip) Feb 9, 2022
`CHECK`-fails when building invalid tensor shapes in Tensorflow High
CVE-2022-23569 was published for tensorflow (pip) Feb 9, 2022
`CHECK`-failures in Tensorflow High
CVE-2022-23565 was published for tensorflow (pip) Feb 9, 2022
Reachable Assertion in Tensorflow High
CVE-2022-23564 was published for tensorflow (pip) Feb 9, 2022
Assertion failure based denial of service in Tensorflow High
CVE-2022-21737 was published for tensorflow (pip) Feb 9, 2022
`CHECK`-failures in Tensorflow High
CVE-2022-21734 was published for tensorflow (pip) Feb 10, 2022
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen... High Unreviewed
CVE-2024-23385 was published Nov 4, 2024
Reachable Assertion in BPv7 parser in µD3TN v0.14.0 allows attacker to disrupt service via... High Unreviewed
CVE-2024-10455 was published Oct 28, 2024
In Modem, there is a possible system crash due to a missing bounds check. This could lead to... High Unreviewed
CVE-2024-20094 was published Oct 7, 2024
In wlan firmware, there is a possible firmware assertion due to improper input handling. This... High Unreviewed
CVE-2023-32820 was published Oct 2, 2023
vLLM denial of service vulnerability High
CVE-2024-8768 was published for vllm (pip) Sep 17, 2024
A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure... High Unreviewed
CVE-2023-5517 was published Feb 13, 2024
Client queries that trigger serving stale data and that also require lookups in local... High Unreviewed
CVE-2024-4076 was published Jul 23, 2024
nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache... High Unreviewed
CVE-2024-33601 was published May 6, 2024
Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS... High Unreviewed
CVE-2024-34475 was published May 5, 2024
In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an... High Unreviewed
CVE-2024-31744 was published Apr 19, 2024
Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment... High Unreviewed
CVE-2023-43529 was published May 6, 2024
Transient DOS while processing multiple payload container type with incorrect container length... High Unreviewed
CVE-2023-33095 was published Mar 4, 2024
Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16. High Unreviewed
CVE-2023-33096 was published Mar 4, 2024
Transient DOS in Modem while processing invalid System Information Block 1. High Unreviewed
CVE-2023-21646 was published Sep 5, 2023
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication... High Unreviewed
CVE-2022-40504 was published May 2, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database