Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

130 advisories

Loading
Kubernetes Nil pointer dereference in KCM after v1 HPA patch request High
CVE-2024-0793 was published for k8s.io/kubernetes (Go) Nov 17, 2024
openssl's `MemBio::get_buf` has undefined behavior with empty buffers Moderate
GHSA-q445-7m23-qrmw was published for openssl (Rust) Jul 22, 2024
PingCAP TiDB nil pointer dereference Moderate
CVE-2024-37820 was published for github.com/pingcap/tidb (Go) Jun 25, 2024
ws affected by a DoS when handling a request with many HTTP headers High
CVE-2024-37890 was published for ws (npm) Jun 17, 2024
rrlapointe
KubeVirt NULL pointer dereference flaw Moderate
CVE-2024-31420 was published for kubevirt.io/kubevirt (Go) Apr 3, 2024
LibOSDP vulnerable to a null pointer deref in osdp_reply_name Moderate
CVE-2024-52296 was published for libosdp (pip) Mar 8, 2024
e-ot
cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override High
CVE-2024-26130 was published for cryptography (pip) Feb 21, 2024
Alexander-Programming cd-work
Null pointer dereference in PKCS12 parsing Moderate
CVE-2024-0727 was published for cryptography (pip) Jan 26, 2024
m3t3kh4n
Parsing JSON serialized payload without protected field can lead to segfault Moderate
CVE-2024-21664 was published for github.com/lestrrat-go/jwx (Go) Jan 9, 2024
frestr hectorj2f
PaddlePaddle nullptr dereference in paddle.crop Moderate
CVE-2023-52312 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle segfault in paddle.dot Moderate
CVE-2023-38676 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle null pointer dereference in paddle.nextafter Moderate
CVE-2023-52302 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle segfault in paddle.put_along_axis Moderate
CVE-2023-52303 was published for paddlepaddle (pip) Jan 3, 2024
cryptography vulnerable to NULL-dereference when loading PKCS7 certificates Moderate
CVE-2023-49083 was published for cryptography (pip) Nov 28, 2023
pkuzco becojo
quic-go vulnerable to pointer dereference that can lead to panic High
CVE-2023-46239 was published for github.com/quic-go/quic-go (Go) Oct 30, 2023
Remote Denial of Service Vulnerability in Microsoft.Native.Quic.MsQuic.Schannel High
CVE-2023-38171 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Oct 10, 2023
Null pointer dereference in PaddlePaddle Moderate
CVE-2023-38670 was published for paddlepaddle (pip) Jul 26, 2023
`openssl` `X509Extension::new` and `X509Extension::new_nid` null pointer dereference High
GHSA-6hcf-g6gr-hhcr was published for openssl (Rust) Mar 24, 2023
TensorFlow vulnerable to seg fault in `tf.raw_ops.Print` High
CVE-2023-25660 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Null Pointer Error in TensorArrayConcatV2 High
CVE-2023-25663 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Null Pointer Error in SparseSparseMaximum High
CVE-2023-25665 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Null Pointer Error in QuantizedMatMulWithBiasAndDequantize High
CVE-2023-25670 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Null Pointer Error in LookupTableImportV2 High
CVE-2023-25672 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Null Pointer Error in RandomShuffle with XLA enable High
CVE-2023-25674 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has null dereference on ParallelConcat with XLA High
CVE-2023-25676 was published for tensorflow (pip) Mar 24, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database