GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,246
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
417 advisories
Filter by severity
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel...
Moderate
Unreviewed
CVE-2022-29977
was published
May 12, 2022
In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed...
High
Unreviewed
CVE-2022-29339
was published
May 6, 2022
KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG...
Moderate
Unreviewed
CVE-2006-6811
was published
May 1, 2022
oftpd before 0.3.7 allows remote attackers to cause a denial of service (daemon abort) via a (1)...
High
Unreviewed
CVE-2006-6767
was published
May 1, 2022
OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via...
Moderate
Unreviewed
CVE-2006-5779
was published
May 1, 2022
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of...
Moderate
Unreviewed
CVE-2006-4095
was published
May 1, 2022
quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal
Moderate
Unreviewed
CVE-2012-5521
was published
Apr 23, 2022
Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT...
High
Unreviewed
CVE-2011-3596
was published
Apr 22, 2022
An authenticated user may trigger an invariant assertion during command dispatch due to incorrect...
Moderate
Unreviewed
CVE-2022-24272
was published
Apr 22, 2022
A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of...
High
Unreviewed
CVE-2022-20694
was published
Apr 16, 2022
There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos ==...
High
Unreviewed
CVE-2022-27448
was published
Apr 15, 2022
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component...
High
Unreviewed
CVE-2022-27382
was published
Apr 13, 2022
Possible assertion due to improper validation of invalid NR CSI-IM resource configuration in...
High
Unreviewed
CVE-2021-30328
was published
Apr 2, 2022
Possible assertion due to improper validation of OTA configuration in Snapdragon Auto, Snapdragon...
High
Unreviewed
CVE-2021-30332
was published
Apr 2, 2022
Possible assertion due to improper validation of TCI configuration in Snapdragon Auto, Snapdragon...
High
Unreviewed
CVE-2021-30329
was published
Apr 2, 2022
stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a...
Moderate
Unreviewed
CVE-2022-27938
was published
Mar 27, 2022
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.
Moderate
Unreviewed
CVE-2022-27939
was published
Mar 27, 2022
Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific...
High
Unreviewed
CVE-2022-0635
was published
Mar 24, 2022
When the vulnerability is triggered the BIND process will exit. BIND 9.18.0
High
Unreviewed
CVE-2022-0667
was published
Mar 23, 2022
tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in...
Moderate
Unreviewed
CVE-2022-25484
was published
Mar 23, 2022
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via...
Moderate
Unreviewed
CVE-2022-0865
was published
Mar 11, 2022
There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of...
Moderate
Unreviewed
CVE-2021-45861
was published
Mar 3, 2022
There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed...
Moderate
Unreviewed
CVE-2022-22901
was published
Feb 18, 2022
Possible assertion due to improper size validation while processing the DownlinkPreemption IE in...
High
Unreviewed
CVE-2021-30326
was published
Feb 12, 2022
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c
Moderate
Unreviewed
CVE-2021-45386
was published
Feb 12, 2022
ProTip!
Advisories are also available from the
GraphQL API