GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,154
Erlang
30
GitHub Actions
19
Go
1,966
Maven
5,000+
npm
3,694
NuGet
652
pip
3,311
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+
420 advisories
Filter by severity
In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11...
Moderate
Unreviewed
CVE-2021-25214
was published
May 24, 2022
Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname.
High
Unreviewed
CVE-2019-25036
was published
May 24, 2022
Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an...
High
Unreviewed
CVE-2019-25037
was published
May 24, 2022
Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy.
High
Unreviewed
CVE-2019-25041
was published
May 24, 2022
A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a...
High
Unreviewed
CVE-2021-20217
was published
May 24, 2022
A denial of service vulnerability was discovered in nbdkit. A client issuing a certain sequence...
Moderate
Unreviewed
CVE-2019-14851
was published
May 24, 2022
Denial of service in baseband when NW configures LTE betaOffset-RI-Index due to lack of data...
High
Unreviewed
CVE-2020-11218
was published
May 24, 2022
A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC...
High
Unreviewed
CVE-2021-24029
was published
May 24, 2022
A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may...
Moderate
Unreviewed
CVE-2021-20286
was published
May 24, 2022
A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted...
High
Unreviewed
CVE-2021-20272
was published
May 24, 2022
Context-specific code was included in a shared jump table; resulting in assertions being...
Moderate
Unreviewed
CVE-2021-23970
was published
May 24, 2022
Arithmetic overflow can happen while processing NOA IE due to improper error handling in...
High
Unreviewed
CVE-2020-11296
was published
May 24, 2022
Denial of service while processing fine timing measurement request (FTMR) frame with reserved...
High
Unreviewed
CVE-2020-11280
was published
May 24, 2022
Possible denial of service while handling host WMI command due to improper validation in...
High
Unreviewed
CVE-2020-11278
was published
May 24, 2022
In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur...
High
Unreviewed
CVE-2021-27212
was published
May 24, 2022
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing...
High
Unreviewed
CVE-2021-3326
was published
May 24, 2022
A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X...
High
Unreviewed
CVE-2020-36230
was published
May 24, 2022
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the...
High
Unreviewed
CVE-2020-36222
was published
May 24, 2022
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4...
High
Unreviewed
CVE-2020-29562
was published
May 24, 2022
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur...
Moderate
Unreviewed
CVE-2020-25723
was published
May 24, 2022
eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure...
Moderate
Unreviewed
CVE-2020-27617
was published
May 24, 2022
receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets...
High
Unreviewed
CVE-2020-27638
was published
May 24, 2022
Receipt of a specifically malformed NDP packet sent from the local area network (LAN) to a device...
Moderate
Unreviewed
CVE-2020-1681
was published
May 24, 2022
An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp...
Moderate
Unreviewed
CVE-2020-6097
was published
May 24, 2022
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME...
Moderate
Unreviewed
CVE-2020-8621
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API