GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,562
Composer 4,198
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,702
NuGet 660
pip 3,328
Pub 11
RubyGems 883
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 233,892

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

425 advisories

Filter by severity

Sort by

Least recently updated

eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure... Moderate Unreviewed

CVE-2020-27617 was published May 24, 2022

receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets... High Unreviewed

CVE-2020-27638 was published May 24, 2022

Receipt of a specifically malformed NDP packet sent from the local area network (LAN) to a device... Moderate Unreviewed

CVE-2020-1681 was published May 24, 2022

An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp... Moderate Unreviewed

CVE-2020-6097 was published May 24, 2022

In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21... Moderate Unreviewed

CVE-2020-8623 was published May 24, 2022

In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME... Moderate Unreviewed

CVE-2020-8621 was published May 24, 2022

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with... Moderate Unreviewed

CVE-2020-8620 was published May 24, 2022

In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1... Moderate Unreviewed

CVE-2020-8622 was published May 24, 2022

In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This... Moderate Unreviewed

CVE-2020-16092 was published May 24, 2022

An attacker who is permitted to send zone data to a server via zone transfer can exploit this to... Moderate Unreviewed

CVE-2020-8618 was published May 24, 2022

An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions... Moderate Unreviewed

CVE-2020-10761 was published May 24, 2022

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an... Moderate Unreviewed

CVE-2020-8617 was published May 24, 2022

An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3... Moderate Unreviewed

CVE-2020-11653 was published May 24, 2022

The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci... Moderate Unreviewed

CVE-2019-18844 was published May 24, 2022

The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858;... High Unreviewed

CVE-2018-5735 was published May 24, 2022

A defect in code added to support QNAME minimization can cause named to exit with an assertion... High Unreviewed

CVE-2019-6476 was published May 24, 2022

A packet containing a malformed DUID can cause the Kea DHCPv6 server process (kea-dhcp6) to exit... Moderate Unreviewed

CVE-2019-6472 was published May 24, 2022

An invalid hostname option can trigger an assertion failure in the Kea DHCPv4 server process (kea... Moderate Unreviewed

CVE-2019-6473 was published May 24, 2022

An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit... High Unreviewed

CVE-2019-6469 was published May 24, 2022

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in... High Unreviewed

CVE-2019-6468 was published May 24, 2022

An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An... High Unreviewed

CVE-2019-15892 was published May 24, 2022

A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an... Moderate Unreviewed

CVE-2019-13223 was published May 24, 2022

DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. Moderate Unreviewed

CVE-2019-14382 was published May 24, 2022

J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. Moderate Unreviewed

CVE-2019-14383 was published May 24, 2022

Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion... Moderate Unreviewed

CVE-2019-13113 was published May 24, 2022

Previous 1 2 … 8 9 10 11 12 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

425 advisories