GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
124 advisories
Null pointer dereference in openssl-src
Severity: High. CVE-2020-1967 was published for openssl-src (Rust) on Aug 25, 2021.

Reference binding to null in `ParameterizedTruncatedNormal`
Severity: Low. CVE-2021-29568 was published for tensorflow (pip) on May 21, 2021.

ActiveRecord in Ruby on Rails allows database-query bypass
Severity: High. CVE-2016-6317 was published for activerecord (RubyGems) on Oct 24, 2017.

Nokogiri Implements libxml2 version vulnerable to null pointer dereferencing
Severity: Moderate. CVE-2021-3537 was published for nokogiri (RubyGems) on May 24, 2022.

Segfault in `CompositeTensorVariantToComponents`
Severity: Moderate. CVE-2022-41909 was published for tensorflow (pip) on Nov 21, 2022.

NULL pointer dereference in `stb_image`
Severity: Moderate. GHSA-ppjr-267j-5p9x was published for stb_image (Rust) on Mar 20, 2023.

Aubio is vulnerable to a NULL pointer dereference
Severity: Moderate. CVE-2017-17554 was published for aubio (pip) on May 14, 2022.

OpenDaylight NULL Pointer Dereference
Severity: Moderate. CVE-2017-1000360 was published for org.opendaylight.controller:releasepom (Maven) on May 13, 2022.

Aubio is vulnerable to a NULL pointer dereference in new_aubio_notes function
Severity: High. CVE-2018-19802 was published for aubio (pip) on Jul 26, 2019.

NULL Pointer Dereference in Protocol Buffers
Severity: High. CVE-2021-22570 was published for Google.Protobuf (Composer) on Jan 27, 2022.

Aubio is vulnerable to a NULL pointer dereference in new_aubio_filterbank
Severity: High. CVE-2018-19801 was published for aubio (pip) on Jul 26, 2019.

LIEF contains segmentation violation
Severity: Moderate. CVE-2022-38307 was published for lief (pip) on Sep 14, 2022.

LIEF contains a segmentation violation
Severity: Moderate. CVE-2022-38497 was published for lief (pip) on Sep 14, 2022.

Nokogiri NULL Pointer Dereference
Severity: High. CVE-2018-14404 was published for nokogiri (RubyGems) on Jan 17, 2019.

cairo is vulnerable to denial of service due to a null pointer dereference
Severity: Moderate. CVE-2017-7475 was published for cairo (RubyGems) on Nov 15, 2017.

ecnepsnai/web vulnerable to Uncontrolled Resource Consumption
Severity: Critical. CVE-2021-4236 was published for github.com/ecnepsnai/web (Go) on Dec 28, 2022.

Nil dereference in NATS JWT causing DoS of nats-server
Severity: High. GHSA-hmm9-r2m2-qg9w was published for github.com/nats-io/jwt (Go) on May 21, 2021.

Helm vulnerable to denial of service through schema file
Severity: Moderate. CVE-2022-23526 was published for helm.sh/helm/v3 (Go) on Dec 14, 2022.

openssl-src NULL pointer Dereference in signature_algorithms processing
Severity: Moderate. CVE-2021-3449 was published for openssl-src (Rust) on Aug 25, 2021.

lxml NULL Pointer Dereference allows attackers to cause a denial of service
Severity: Moderate. CVE-2022-2309 was published for lxml (pip) on Jul 6, 2022.

Helm vulnerable to denial of service through repository index file
Severity: Moderate. CVE-2022-23525 was published for helm.sh/helm/v3 (Go) on Dec 14, 2022.

Denial of Service in Go-Ethereum
Severity: Moderate. CVE-2021-43668 was published for github.com/ethereum/go-ethereum (Go) on Nov 23, 2021.

Consul Server Panic when Ingress and API Gateways Configured with Peering Connections
Severity: Moderate. CVE-2023-0845 was published for github.com/hashicorp/consul (Go) on Mar 9, 2023.

Go Ethereum Denial of Service
Severity: High. CVE-2018-19184 was published for github.com/ethereum/go-ethereum (Go) on Jun 29, 2021.

ProTip! Advisories are also available from the GraphQL API.