GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
107 advisories
Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can...
Critical | Unreviewed | CVE-2021-35068 was published Feb 12, 2022

Null pointer dereference vulnerability in parser_hvcC function of libsimba library prior to SMR...
Critical | Unreviewed | CVE-2022-27567 was published Apr 12, 2022

Null pointer dereference vulnerability in parser_unknown_property function in libsimba library...
Critical | Unreviewed | CVE-2022-26097 was published Apr 12, 2022

Null pointer dereference vulnerability in parser_auxC function in libsimba library prior to SMR...
Critical | Unreviewed | CVE-2022-26094 was published Apr 12, 2022

Null pointer dereference vulnerability in parser_colr function in libsimba library prior to SMR...
Critical | Unreviewed | CVE-2022-26095 was published Apr 12, 2022

Null pointer dereference vulnerability in parser_infe function of libsimba library prior to SMR...
Critical | Unreviewed | CVE-2022-26099 was published Apr 12, 2022

Null pointer dereference vulnerability in parser_ispe function in libsimba library prior to SMR...
Critical | Unreviewed | CVE-2022-26096 was published Apr 12, 2022

Null pointer dereference vulnerability in parser_irot function in libsimba library prior to SMR...
Critical | Unreviewed | CVE-2022-26093 was published Apr 12, 2022

liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles...
Critical | Unreviewed | CVE-2022-30592 was published May 12, 2022

The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4...
Critical | Unreviewed | CVE-2015-8787 was published May 13, 2022

In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result...
Critical | Unreviewed | CVE-2017-12627 was published May 13, 2022

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL...
Critical | Unreviewed | CVE-2017-3169 was published May 13, 2022

In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function...
Critical | Unreviewed | CVE-2017-18211 was published May 13, 2022

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function...
Critical | Unreviewed | CVE-2017-14624 was published May 13, 2022

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function...
Critical | Unreviewed | CVE-2017-14625 was published May 13, 2022

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode...
Critical | Unreviewed | CVE-2017-14626 was published May 13, 2022

ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
Critical | Unreviewed | CVE-2017-14532 was published May 13, 2022

In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with an invalid Via header...
Critical | Unreviewed | CVE-2018-16657 was published May 13, 2022

drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in...
Critical | Unreviewed | CVE-2015-0573 was published May 13, 2022

zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in...
Critical | Unreviewed | CVE-2018-1000800 was published May 13, 2022

NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows...
Critical | Unreviewed | CVE-2016-6604 was published May 13, 2022

libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c.
Critical | Unreviewed | CVE-2017-11125 was published May 13, 2022

libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.
Critical | Unreviewed | CVE-2017-11124 was published May 13, 2022

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior,...
Critical | Unreviewed | CVE-2018-7497 was published May 13, 2022

LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer dereference vulnerability,...
Critical | Unreviewed | CVE-2018-17893 was published May 13, 2022