GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
169 advisories
Filter by severity
Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow....
Moderate
Unreviewed
CVE-2024-7139
was published
Dec 19, 2024
An assert may be triggered, causing a temporary denial of service when a peer device sends a...
Moderate
Unreviewed
CVE-2024-7138
was published
Dec 19, 2024
In the Linux kernel, the following vulnerability has been resolved:
closures: Change BUG_ON() to...
Moderate
Unreviewed
CVE-2024-42252
was published
Aug 8, 2024
In Bluetooth firmware, there is a possible firmware asssert due to improper handling of...
Moderate
Unreviewed
CVE-2024-20139
was published
Dec 2, 2024
A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of...
Moderate
Unreviewed
CVE-2021-1440
was published
Nov 18, 2024
In the Linux kernel, the following vulnerability has been resolved:
btrfs: don't readahead the...
Moderate
Unreviewed
CVE-2024-49932
was published
Oct 21, 2024
In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an...
Moderate
Unreviewed
CVE-2024-23850
was published
Jan 23, 2024
TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit, that may lead to...
Moderate
Unreviewed
CVE-2024-50615
was published
Oct 28, 2024
TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application...
Moderate
Unreviewed
CVE-2024-50614
was published
Oct 28, 2024
libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in...
Moderate
Unreviewed
CVE-2024-50613
was published
Oct 28, 2024
A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net...
Moderate
Unreviewed
CVE-2024-8354
was published
Sep 19, 2024
The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause...
Moderate
Unreviewed
CVE-2016-9388
was published
May 14, 2022
In the Linux kernel, the following vulnerability has been resolved:
mm: page_ref: remove...
Moderate
Unreviewed
CVE-2024-42251
was published
Aug 8, 2024
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR...
Moderate
Unreviewed
CVE-2024-23350
was published
Aug 5, 2024
Jerryscript commit cefd391 was discovered to contain an Assertion Failure via...
Moderate
Unreviewed
CVE-2024-33255
was published
Apr 26, 2024
An unauthenticated user can trigger a fatal assertion in the server while generating ftdc...
Moderate
Unreviewed
CVE-2024-3374
was published
May 14, 2024
A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for...
Moderate
Unreviewed
CVE-2023-5871
was published
Nov 27, 2023
A Reachable Assertion vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS...
Moderate
Unreviewed
CVE-2023-36840
was published
Jul 14, 2023
A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function...
Moderate
Unreviewed
CVE-2024-3567
was published
Apr 10, 2024
An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead...
Moderate
Unreviewed
CVE-2022-38349
was published
Aug 22, 2023
A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of...
Moderate
Unreviewed
CVE-2022-37052
was published
Aug 22, 2023
An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function...
Moderate
Unreviewed
CVE-2022-35205
was published
Aug 22, 2023
Reachable Assertion vulnerability in upx before 4.0.0 allows attackers to cause a denial of...
Moderate
Unreviewed
CVE-2021-46179
was published
Aug 22, 2023
Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by...
Moderate
Unreviewed
CVE-2021-31294
was published
Jul 16, 2023
libjpeg commit db33a6e was discovered to contain a reachable assertion via BitMapHook::BitMapHook...
Moderate
Unreviewed
CVE-2023-37836
was published
Jul 14, 2023
ProTip!
Advisories are also available from the
GraphQL API