Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

360 advisories

Loading
Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT... High Unreviewed
CVE-2011-3596 was published Apr 22, 2022
An authenticated user may trigger an invariant assertion during command dispatch due to incorrect... Moderate Unreviewed
CVE-2022-24272 was published Apr 22, 2022
A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of... High Unreviewed
CVE-2022-20694 was published Apr 16, 2022
There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos ==... High Unreviewed
CVE-2022-27448 was published Apr 15, 2022
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component... High Unreviewed
CVE-2022-27382 was published Apr 13, 2022
Possible assertion due to improper validation of invalid NR CSI-IM resource configuration in... High Unreviewed
CVE-2021-30328 was published Apr 2, 2022
Possible assertion due to improper validation of OTA configuration in Snapdragon Auto, Snapdragon... High Unreviewed
CVE-2021-30332 was published Apr 2, 2022
Possible assertion due to improper validation of TCI configuration in Snapdragon Auto, Snapdragon... High Unreviewed
CVE-2021-30329 was published Apr 2, 2022
stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a... Moderate Unreviewed
CVE-2022-27938 was published Mar 27, 2022
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. Moderate Unreviewed
CVE-2022-27939 was published Mar 27, 2022
Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific... High Unreviewed
CVE-2022-0635 was published Mar 24, 2022
When the vulnerability is triggered the BIND process will exit. BIND 9.18.0 High Unreviewed
CVE-2022-0667 was published Mar 23, 2022
tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in... Moderate Unreviewed
CVE-2022-25484 was published Mar 23, 2022
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via... Moderate Unreviewed
CVE-2022-0865 was published Mar 11, 2022
There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of... Moderate Unreviewed
CVE-2021-45861 was published Mar 3, 2022
There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed... Moderate Unreviewed
CVE-2022-22901 was published Feb 18, 2022
Possible assertion due to improper size validation while processing the DownlinkPreemption IE in... High Unreviewed
CVE-2021-30326 was published Feb 12, 2022
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c. Moderate Unreviewed
CVE-2021-45387 was published Feb 12, 2022
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c Moderate Unreviewed
CVE-2021-45386 was published Feb 12, 2022
MariaDB before 10.6.2 allows an application crash because of mishandling of a pushdown from a... High Unreviewed
CVE-2021-46666 was published Feb 2, 2022
There is an Assertion 'vp != resPtr' failed at jsiEval.c in Jsish v3.5.0. Moderate Unreviewed
CVE-2021-46504 was published Jan 28, 2022
There is an Assertion 'v->d.lval != v' failed at src/jsiValue.c in Jsish v3.5.0. Moderate Unreviewed
CVE-2021-46506 was published Jan 28, 2022
There is an Assertion `i < parts_cnt' failed at src/mjs_bcode.c in Cesanta MJS v2.20.0. Moderate Unreviewed
CVE-2021-46508 was published Jan 28, 2022
There is an Assertion `s < mjs->owned_strings.buf + mjs->owned_strings.len' failed at src/mjs_gc... Moderate Unreviewed
CVE-2021-46510 was published Jan 28, 2022
There is an Assertion `m->len >= sizeof(v)' failed at src/mjs_core.c in Cesanta MJS v2.20.0. Moderate Unreviewed
CVE-2021-46511 was published Jan 28, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database