GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
50 advisories
Filter by severity
NULL Pointer Dereference in Kubernetes CSI snapshot-controller
Moderate
CVE-2020-8569
was published
for
github.com/kubernetes-csi/external-snapshotter/v2
(Go)
Feb 15, 2022
Missing validation results in undefined behavior in `SparseTensorDenseAdd
Moderate
CVE-2022-29206
was published
for
tensorflow
(pip)
May 24, 2022
Segfault due to missing support for quantized types
Moderate
CVE-2022-29205
was published
for
tensorflow
(pip)
May 24, 2022
Missing validation results in undefined behavior in `QuantizedConv2D`
Moderate
CVE-2022-29201
was published
for
tensorflow
(pip)
May 24, 2022
CloudCore CSI Driver: Malicious response from KubeEdge can crash CSI Driver controller server
Moderate
CVE-2022-31077
was published
for
github.com/kubeedge/kubeedge
(Go)
Jun 25, 2022
CloudCore UDS Server: Malicious Message can crash CloudCore
Moderate
CVE-2022-31076
was published
for
github.com/kubeedge/kubeedge
(Go)
Jun 25, 2022
TensorFlow vulnerable to null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef`
Moderate
CVE-2022-36013
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to null dereference on MLIR on empty function attributes
Moderate
CVE-2022-36011
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to null-dereference in `mlir::tfg::TFOp::nameAttr`
Moderate
CVE-2022-36014
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound`
Moderate
CVE-2022-35965
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to null dereference on MLIR on empty function attributes
Moderate
CVE-2022-36000
was published
for
tensorflow
(pip)
Sep 16, 2022
Segfault via invalid attributes in `pywrap_tfe_src.cc`
Moderate
CVE-2022-41889
was published
for
tensorflow
(pip)
Nov 21, 2022
Integer Overflow in openssl-src
Moderate
CVE-2021-23841
was published
for
openssl-src
(Rust)
Aug 25, 2021
futures_task::noop_waker_ref can segfault due to dereferencing a NULL pointer
Moderate
CVE-2020-35907
was published
for
futures-task
(Rust)
May 24, 2022
Nokogiri Implements libxml2 version vulnerable to null pointer dereferencing
Moderate
CVE-2021-3537
was published
for
nokogiri
(RubyGems)
May 24, 2022
Segfault in `CompositeTensorVariantToComponents`
Moderate
CVE-2022-41909
was published
for
tensorflow
(pip)
Nov 21, 2022
NULL pointer derefernce in `stb_image`
Moderate
GHSA-ppjr-267j-5p9x
was published
for
stb_image
(Rust)
Mar 20, 2023
OpenDaylight NULL Pointer Dereference
Moderate
CVE-2017-1000360
was published
for
org.opendaylight.controller:releasepom
(Maven)
May 13, 2022
LIEF contains segmentation violation
Moderate
CVE-2022-38307
was published
for
lief
(pip)
Sep 14, 2022
LIEF contains a segmentation violation
Moderate
CVE-2022-38497
was published
for
lief
(pip)
Sep 14, 2022
cairo is vulnerable to denial of service due to a null pointer dereference
Moderate
CVE-2017-7475
was published
for
cairo
(RubyGems)
Nov 15, 2017
Helm vulnerable to denial of service through schema file
Moderate
CVE-2022-23526
was published
for
helm.sh/helm/v3
(Go)
Dec 14, 2022
openssl-src NULL pointer Dereference in signature_algorithms processing
Moderate
CVE-2021-3449
was published
for
openssl-src
(Rust)
Aug 25, 2021
Helm vulnerable to denial of service through through repository index file
Moderate
CVE-2022-23525
was published
for
helm.sh/helm/v3
(Go)
Dec 14, 2022
Denial of Service in Go-Ethereum
Moderate
CVE-2021-43668
was published
for
github.com/ethereum/go-ethereum
(Go)
Nov 23, 2021
ProTip!
Advisories are also available from the
GraphQL API