GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
30
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,299
Pub
11
RubyGems
878
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
54 advisories
Filter by severity
NULL Pointer Dereference in Protocol Buffers
High
CVE-2021-22570
was published
for
Google.Protobuf
(Composer)
Jan 27, 2022
Aubio is vulnerable to a NULL pointer dereference in new_aubio_filterbank
High
CVE-2018-19801
was published
for
aubio
(pip)
Jul 26, 2019
Aubio is vulnerable to a NULL pointer dereference in new_aubio_notes function
High
CVE-2018-19802
was published
for
aubio
(pip)
Jul 26, 2019
Null pointer dereference in TFLite MLIR optimizations
High
CVE-2021-37689
was published
for
tensorflow
(pip)
Aug 25, 2021
Null pointer dereference in TFLite
High
CVE-2021-37688
was published
for
tensorflow
(pip)
Aug 25, 2021
ws affected by a DoS when handling a request with many HTTP headers
High
CVE-2024-37890
was published
for
ws
(npm)
Jun 17, 2024
Remote Denial of Service Vulnerability in Microsoft.Native.Quic.MsQuic.Schannel
High
CVE-2023-38171
was published
for
Microsoft.Native.Quic.MsQuic.OpenSSL
(NuGet)
Oct 10, 2023
Duplicate Advisory: gosaml2 is vulnerable to NULL Pointer Dereference from malformed XML signatures
High
GHSA-gq5r-cc4w-g8xf
was published
for
github.com/russellhaering/gosaml2
(Go)
Jun 23, 2021
•
withdrawn
golang.org/x/net/html NULL Pointer Dereference vulnerability
High
CVE-2018-17142
was published
for
golang.org/x/net
(Go)
May 13, 2022
golang.org/x/net/html NULL Pointer Dereference vulnerability
High
CVE-2018-17075
was published
for
golang.org/x/net
(Go)
May 13, 2022
github.com/russellhaering/gosaml2 is vulnerable to NULL Pointer Dereference
High
CVE-2020-7731
was published
for
github.com/russellhaering/gosaml2
(Go)
Nov 15, 2022
goxmldsig vulnerable to crash on nil-pointer dereference caused by sending malformed XML signatures
High
CVE-2020-7711
was published
for
github.com/russellhaering/gosaml2
(Go)
Oct 7, 2022
cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override
High
CVE-2024-26130
was published
for
cryptography
(pip)
Feb 21, 2024
openssl-src subject to Invalid pointer dereference in `d2i_PKCS7` functions
High
CVE-2023-0216
was published
for
openssl-src
(Rust)
Feb 8, 2023
openssl-src subject to NULL dereference validating DSA public key
High
CVE-2023-0217
was published
for
openssl-src
(Rust)
Feb 8, 2023
openssl-src contains `NULL` dereference during PKCS7 data verification
High
CVE-2023-0401
was published
for
openssl-src
(Rust)
Feb 8, 2023
Using a Custom Cipher with `NID_undef` may lead to NULL encryption
High
CVE-2022-3358
was published
for
openssl-src
(Rust)
Oct 11, 2022
quic-go vulnerable to pointer dereference that can lead to panic
High
CVE-2023-46239
was published
for
github.com/quic-go/quic-go
(Go)
Oct 30, 2023
golang.org/x/crypto/ssh NULL Pointer Dereference vulnerability
High
CVE-2020-29652
was published
for
golang.org/x/crypto
(Go)
May 24, 2022
Go Ethereum Denial of Service
High
CVE-2018-19184
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
Nil dereference in NATS JWT causing DoS of nats-server
High
GHSA-hmm9-r2m2-qg9w
was published
for
github.com/nats-io/jwt
(Go)
May 21, 2021
Nokogiri NULL Pointer Dereference
High
CVE-2018-14404
was published
for
nokogiri
(RubyGems)
Jan 17, 2019
ActiveRecord in Ruby on Rails allows database-query bypass
High
CVE-2016-6317
was published
for
activerecord
(RubyGems)
Oct 24, 2017
Null pointer deference in openssl-src
High
CVE-2020-1967
was published
for
openssl-src
(Rust)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API