GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
54 advisories
Filter by severity
Null pointer dereference in PKCS12 parsing
Moderate
CVE-2024-0727
was published
for
cryptography
(pip)
Jan 26, 2024
lxml NULL Pointer Dereference allows attackers to cause a denial of service
Moderate
CVE-2022-2309
was published
for
lxml
(pip)
Jul 6, 2022
Aubio is vulnerable to a NULL pointer dereference
Moderate
CVE-2017-17554
was published
for
aubio
(pip)
May 14, 2022
Null pointer dereference in TFLite's `Reshape` operator
Moderate
CVE-2021-29592
was published
for
tensorflow
(pip)
May 21, 2021
NULL Pointer Dereference in Google TensorFlow
Moderate
CVE-2019-9635
was published
for
tensorflow
(pip)
Apr 30, 2019
Null pointer dereference in TensorFlow leads to exploitation
Moderate
CVE-2018-7576
was published
for
tensorflow
(pip)
Apr 24, 2019
openssl's `MemBio::get_buf` has undefined behavior with empty buffers
Moderate
GHSA-q445-7m23-qrmw
was published
for
openssl
(Rust)
Jul 22, 2024
KubeVirt NULL pointer dereference flaw
Moderate
CVE-2024-31420
was published
for
kubevirt.io/kubevirt
(Go)
Apr 3, 2024
cryptography vulnerable to NULL-dereference when loading PKCS7 certificates
Moderate
CVE-2023-49083
was published
for
cryptography
(pip)
Nov 28, 2023
Parsing JSON serialized payload without protected field can lead to segfault
Moderate
CVE-2024-21664
was published
for
github.com/lestrrat-go/jwx
(Go)
Jan 9, 2024
PaddlePaddle nullptr dereference in paddle.crop
Moderate
CVE-2023-52312
was published
for
PaddlePaddle
(pip)
Jan 3, 2024
PaddlePaddle segfault in paddle.put_along_axis
Moderate
CVE-2023-52303
was published
for
paddlepaddle
(pip)
Jan 3, 2024
PaddlePaddle segfault in paddle.dot
Moderate
CVE-2023-38676
was published
for
PaddlePaddle
(pip)
Jan 3, 2024
PaddlePaddle null pointer dereference in paddle.nextafter
Moderate
CVE-2023-52302
was published
for
PaddlePaddle
(pip)
Jan 3, 2024
Null pointer dereference in PaddlePaddle
Moderate
CVE-2023-38670
was published
for
paddlepaddle
(pip)
Jul 26, 2023
Denial-of-Service within Docker container
Moderate
CVE-2020-26213
was published
for
ktbs.dev/teler
(Go)
May 24, 2021
Consul Server Panic when Ingress and API Gateways Configured with Peering Connections
Moderate
CVE-2023-0845
was published
for
github.com/hashicorp/consul
(Go)
Mar 9, 2023
Denial of Service in Go-Ethereum
Moderate
CVE-2021-43668
was published
for
github.com/ethereum/go-ethereum
(Go)
Nov 23, 2021
Helm vulnerable to denial of service through through repository index file
Moderate
CVE-2022-23525
was published
for
helm.sh/helm/v3
(Go)
Dec 14, 2022
openssl-src NULL pointer Dereference in signature_algorithms processing
Moderate
CVE-2021-3449
was published
for
openssl-src
(Rust)
Aug 25, 2021
Helm vulnerable to denial of service through schema file
Moderate
CVE-2022-23526
was published
for
helm.sh/helm/v3
(Go)
Dec 14, 2022
cairo is vulnerable to denial of service due to a null pointer dereference
Moderate
CVE-2017-7475
was published
for
cairo
(RubyGems)
Nov 15, 2017
LIEF contains a segmentation violation
Moderate
CVE-2022-38497
was published
for
lief
(pip)
Sep 14, 2022
LIEF contains segmentation violation
Moderate
CVE-2022-38307
was published
for
lief
(pip)
Sep 14, 2022
ProTip!
Advisories are also available from the
GraphQL API