Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

127 advisories

Loading
Chrono has potential segfault issue in SPIFFE authenticator Low
GHSA-45w3-v3g4-54pm was published for parsec-service (Rust) Feb 11, 2022
NULL Pointer Dereference in Kubernetes CSI snapshot-controller Moderate
CVE-2020-8569 was published for github.com/kubernetes-csi/external-snapshotter/v2 (Go) Feb 15, 2022
Null pointer deference in cache High
CVE-2021-25903 was published for cache (Rust) Aug 25, 2021
NULL Pointer Dereference in cbox Critical
CVE-2020-35860 was published for cbox (Rust) Aug 25, 2021
NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlow Critical
GHSA-h6gw-r52c-724r was published for tensorflow (pip) Feb 9, 2022
Null pointer deference in av-data High
CVE-2021-25904 was published for av-data (Rust) Aug 25, 2021
NULL Pointer Dereference in HyperLedger Fabric High
CVE-2021-43667 was published for github.com/hyperledger/fabric (Go) May 25, 2022
Missing validation results in undefined behavior in `SparseTensorDenseAdd Moderate
CVE-2022-29206 was published for tensorflow (pip) May 24, 2022
Segfault due to missing support for quantized types Moderate
CVE-2022-29205 was published for tensorflow (pip) May 24, 2022
Missing validation results in undefined behavior in `QuantizedConv2D` Moderate
CVE-2022-29201 was published for tensorflow (pip) May 24, 2022
CloudCore CSI Driver: Malicious response from KubeEdge can crash CSI Driver controller server Moderate
CVE-2022-31077 was published for github.com/kubeedge/kubeedge (Go) Jun 25, 2022
DavidKorczynski AdamKorcz
CloudCore UDS Server: Malicious Message can crash CloudCore Moderate
CVE-2022-31076 was published for github.com/kubeedge/kubeedge (Go) Jun 25, 2022
DavidKorczynski AdamKorcz
TensorFlow vulnerable to null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef` Moderate
CVE-2022-36013 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to null dereference on MLIR on empty function attributes Moderate
CVE-2022-36011 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to null-dereference in `mlir::tfg::TFOp::nameAttr` Moderate
CVE-2022-36014 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound` Moderate
CVE-2022-35965 was published for tensorflow (pip) Sep 16, 2022
NumPy NULL Pointer Dereference High
CVE-2021-41495 was published for numpy (pip) Feb 8, 2022
TensorFlow vulnerable to null dereference on MLIR on empty function attributes Moderate
CVE-2022-36000 was published for tensorflow (pip) Sep 16, 2022
Socket.IO-client Java before 2.0.1 vulnerable to NULL Pointer Dereference High
CVE-2022-25867 was published for io.socket:socket.io-client (Maven) Aug 3, 2022
Segfault via invalid attributes in `pywrap_tfe_src.cc` Moderate
CVE-2022-41889 was published for tensorflow (pip) Nov 21, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat High
CVE-2020-13934 was published for org.apache.tomcat:tomcat (Maven) Feb 8, 2022
NULL Pointer Dereference in OpenCV. High
CVE-2019-14493 was published for opencv-contrib-python (pip) Oct 12, 2021
Unchecked return value from xmlTextReaderExpand High
CVE-2022-23476 was published for nokogiri (RubyGems) Dec 8, 2022
Unchecked Return Value to NULL Pointer Dereference in PDFDocumentHandler.cpp High
CVE-2022-39381 was published for hummus (npm) Nov 2, 2022
kilsen through-a-haze
Nil dereference in NATS JWT, DoS of nats-server High
CVE-2020-26521 was published for github.com/nats-io/jwt (Go) Feb 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database