GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,339
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,940
Maven 5,135
npm 3,677
NuGet 645
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,913

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

160 advisories

Filter by severity

Sort by

Least recently updated

A denial of service vulnerability was discovered in nbdkit. A client issuing a certain sequence... Moderate Unreviewed

CVE-2019-14851 was published May 24, 2022

A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may... Moderate Unreviewed

CVE-2021-20286 was published May 24, 2022

Context-specific code was included in a shared jump table; resulting in assertions being... Moderate Unreviewed

CVE-2021-23970 was published May 24, 2022

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur... Moderate Unreviewed

CVE-2020-25723 was published May 24, 2022

eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure... Moderate Unreviewed

CVE-2020-27617 was published May 24, 2022

Receipt of a specifically malformed NDP packet sent from the local area network (LAN) to a device... Moderate Unreviewed

CVE-2020-1681 was published May 24, 2022

An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp... Moderate Unreviewed

CVE-2020-6097 was published May 24, 2022

In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21... Moderate Unreviewed

CVE-2020-8623 was published May 24, 2022

In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME... Moderate Unreviewed

CVE-2020-8621 was published May 24, 2022

In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1... Moderate Unreviewed

CVE-2020-8622 was published May 24, 2022

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with... Moderate Unreviewed

CVE-2020-8620 was published May 24, 2022

In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This... Moderate Unreviewed

CVE-2020-16092 was published May 24, 2022

An attacker who is permitted to send zone data to a server via zone transfer can exploit this to... Moderate Unreviewed

CVE-2020-8618 was published May 24, 2022

An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions... Moderate Unreviewed

CVE-2020-10761 was published May 24, 2022

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an... Moderate Unreviewed

CVE-2020-8617 was published May 24, 2022

An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3... Moderate Unreviewed

CVE-2020-11653 was published May 24, 2022

The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci... Moderate Unreviewed

CVE-2019-18844 was published May 24, 2022

An invalid hostname option can trigger an assertion failure in the Kea DHCPv4 server process (kea... Moderate Unreviewed

CVE-2019-6473 was published May 24, 2022

A packet containing a malformed DUID can cause the Kea DHCPv6 server process (kea-dhcp6) to exit... Moderate Unreviewed

CVE-2019-6472 was published May 24, 2022

A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an... Moderate Unreviewed

CVE-2019-13223 was published May 24, 2022

DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. Moderate Unreviewed

CVE-2019-14382 was published May 24, 2022

J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. Moderate Unreviewed

CVE-2019-14383 was published May 24, 2022

Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion... Moderate Unreviewed

CVE-2019-13113 was published May 24, 2022

The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause... Moderate Unreviewed

CVE-2016-9388 was published May 14, 2022

In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an... Moderate Unreviewed

CVE-2018-9303 was published May 13, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

160 advisories