Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

160 advisories

Loading
tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in... Moderate Unreviewed
CVE-2022-25484 was published Mar 23, 2022
stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a... Moderate Unreviewed
CVE-2022-27938 was published Mar 27, 2022
An authenticated user may trigger an invariant assertion during command dispatch due to incorrect... Moderate Unreviewed
CVE-2022-24272 was published Apr 22, 2022
Receipt of a specifically malformed NDP packet sent from the local area network (LAN) to a device... Moderate Unreviewed
CVE-2020-1681 was published May 24, 2022
In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This... Moderate Unreviewed
CVE-2020-16092 was published May 24, 2022
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the... Moderate Unreviewed
CVE-2020-20265 was published May 24, 2022
There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in... Moderate Unreviewed
CVE-2022-32978 was published Jun 11, 2022
Improper handling of writes to virtual GICR control can lead to assertion failure in the... Moderate Unreviewed
CVE-2021-35101 was published Jun 15, 2022
Ethereum Solidity v0.8.14 contains an assertion failure via SMTEncoder::indexOrMemberAssignment()... Moderate Unreviewed
CVE-2022-33069 was published Jun 24, 2022
There is a reachable assertion in the Internal::TiffReader::visitDirectory function in... Moderate Unreviewed
CVE-2017-11683 was published May 13, 2022
An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions... Moderate Unreviewed
CVE-2020-10761 was published May 24, 2022
LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component... Moderate Unreviewed
CVE-2022-38496 was published Sep 14, 2022
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via... Moderate Unreviewed
CVE-2022-0865 was published Mar 11, 2022
In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was... Moderate Unreviewed
CVE-2022-2719 was published Aug 11, 2022
Assertion fail in the display_debug_names() function in binutils/dwarf.c may lead to program... Moderate Unreviewed
CVE-2022-38126 was published Sep 2, 2022
The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci... Moderate Unreviewed
CVE-2019-18844 was published May 24, 2022
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to... Moderate Unreviewed
CVE-2020-8618 was published May 24, 2022
In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with... Moderate Unreviewed
CVE-2020-8620 was published May 24, 2022
An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp... Moderate Unreviewed
CVE-2020-6097 was published May 24, 2022
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME... Moderate Unreviewed
CVE-2020-8621 was published May 24, 2022
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21... Moderate Unreviewed
CVE-2020-8623 was published May 24, 2022
Context-specific code was included in a shared jump table; resulting in assertions being... Moderate Unreviewed
CVE-2021-23970 was published May 24, 2022
A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may... Moderate Unreviewed
CVE-2021-20286 was published May 24, 2022
A denial of service vulnerability was discovered in nbdkit. A client issuing a certain sequence... Moderate Unreviewed
CVE-2019-14851 was published May 24, 2022
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from an assertion failure vulnerability in the... Moderate Unreviewed
CVE-2020-20214 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API