Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

52 advisories

Loading
wasmvm: Malicious smart contract can crash the chain Moderate
GHSA-23qp-3c2m-xx6w was published for github.com/CosmWasm/wasmvm (Go) Feb 4, 2025
Segfault via invalid attributes in `pywrap_tfe_src.cc` Moderate
CVE-2022-41889 was published for tensorflow (pip) Nov 21, 2022
vulnerability-analyst
NULL Pointer Dereference on moby image history Moderate
CVE-2024-36620 was published for github.com/moby/moby (Go) Nov 29, 2024
PingCAP TiDB nil pointer dereference Moderate
CVE-2024-37820 was published for github.com/pingcap/tidb (Go) Jun 25, 2024
PaddlePaddle nullptr dereference in paddle.crop Moderate
CVE-2023-52312 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle segfault in paddle.dot Moderate
CVE-2023-38676 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle null pointer dereference in paddle.nextafter Moderate
CVE-2023-52302 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle segfault in paddle.put_along_axis Moderate
CVE-2023-52303 was published for paddlepaddle (pip) Jan 3, 2024
Null pointer dereference in TensorFlow Moderate
CVE-2022-23595 was published for tensorflow (pip) Feb 9, 2022
LibOSDP vulnerable to a null pointer deref in osdp_reply_name Moderate
CVE-2024-52296 was published for libosdp (pip) Mar 8, 2024
e-ot
Null pointer dereference in Grappler's `IsConstant` Moderate
CVE-2022-23589 was published for tensorflow (pip) Feb 9, 2022
Null pointer exception in `DeserializeSparse` Moderate
CVE-2021-41215 was published for tensorflow (pip) Nov 10, 2021
Null pointer exception when `Exit` node is not preceded by `Enter` op Moderate
CVE-2021-41217 was published for tensorflow (pip) Nov 10, 2021
Null pointer dereference in TFLite's `Reshape` operator Moderate
CVE-2021-29592 was published for tensorflow (pip) May 21, 2021
Segfault in Tensorflow Moderate
CVE-2020-15190 was published for tensorflow (pip) Sep 25, 2020
Undefined behavior in Tensorflow Moderate
CVE-2020-15191 was published for tensorflow (pip) Sep 25, 2020
Segfault in Tensorflow Moderate
CVE-2020-15204 was published for tensorflow (pip) Sep 25, 2020
Null pointer dereference in PKCS12 parsing Moderate
CVE-2024-0727 was published for cryptography (pip) Jan 26, 2024
m3t3kh4n
lxml NULL Pointer Dereference allows attackers to cause a denial of service Moderate
CVE-2022-2309 was published for lxml (pip) Jul 6, 2022
Aubio is vulnerable to a NULL pointer dereference Moderate
CVE-2017-17554 was published for aubio (pip) May 14, 2022
openssl's `MemBio::get_buf` has undefined behavior with empty buffers Moderate
GHSA-q445-7m23-qrmw was published for openssl (Rust) Jul 22, 2024
Segmentation fault in time Moderate
CVE-2020-26235 was published for time (Rust) Aug 25, 2021
quininer JamieMagee
fenhl KamilaBorowska jhpratt michaelkedar
KubeVirt NULL pointer dereference flaw Moderate
CVE-2024-31420 was published for kubevirt.io/kubevirt (Go) Apr 3, 2024
cryptography vulnerable to NULL-dereference when loading PKCS7 certificates Moderate
CVE-2023-49083 was published for cryptography (pip) Nov 28, 2023
pkuzco becojo
Parsing JSON serialized payload without protected field can lead to segfault Moderate
CVE-2024-21664 was published for github.com/lestrrat-go/jwx (Go) Jan 9, 2024
frestr hectorj2f
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database