Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

24 advisories

Loading
Zebra Address Book Aborted by IPv4-Mapped Mempool Misbehavior Update High
CVE-2026-52829 was published for zebra-network (Rust) Jul 2, 2026
Haxatron Credited to Haxatron, oxarbitrage, and mpguerra oxarbitrage oxarbitrage
mpguerra mpguerra
pierreolivierbonin Credited to pierreolivierbonin and jperezdealgaba jperezdealgaba jperezdealgaba
LinZiyuu Credited to LinZiyuu
free5GC's NEF crashes via logger.Fatal on PFD notification delivery failure (attacker-controlled notifyUri) High
CVE-2026-44319 was published for github.com/free5gc/nef (Go) May 8, 2026
LinZiyuu Credited to LinZiyuu
Kyverno Controller Denial of Service via forEach Mutation Panic High
CVE-2026-41485 was published for github.com/kyverno/kyverno (Go) Apr 24, 2026
thevilledev Credited to thevilledev
libp2p-gossipsub: Remote crash via unchecked Instant overflow in heartbeat backoff expiry handling High
CVE-2026-34219 was published for libp2p-gossipsub (Rust) Mar 30, 2026
Yamux vulnerable to remote Panic via malformed Data frame with SYN set and len = 262145 High
CVE-2026-32314 was published for yamux (Rust) Mar 13, 2026
golang.org/x/crypto/ssh/agent has a potential denial of service High
CVE-2025-47913 was published for golang.org/x/crypto/ssh/agent (Go) Nov 14, 2025
augustocesarperin Credited to augustocesarperin
quic-go: Panic occurs when queuing undecryptable packets after handshake completion High
CVE-2025-59530 was published for github.com/quic-go/quic-go (Go) Oct 10, 2025
rsukhodolskyi Credited to rsukhodolskyi
rPGP Panics on Malformed Untrusted Input High
CVE-2024-53856 was published for pgp (Rust) Dec 5, 2024
invd Credited to invd, hko-s, dignifiedquire, and link2xt hko-s hko-s
dignifiedquire dignifiedquire link2xt link2xt
vLLM denial of service vulnerability High
CVE-2024-8768 was published for vllm (pip) Sep 17, 2024
gRPC Reachable Assertion issue High
CVE-2023-1428 was published for grpc (RubyGems) Jul 6, 2023
jonasfj Credited to jonasfj and tal-sealsecurity tal-sealsecurity tal-sealsecurity
Denial of Service via reachable assertion High
CVE-2022-24777 was published for github.com/grpc/grpc-swift (Swift) Jun 9, 2023
xml-rs vulnerable to denial of service via invalid token in XML document High
CVE-2023-34411 was published for xml-rs (Rust) Jun 5, 2023
00xc Credited to 00xc
shiyanhui/dht vulnerable to Uncontrolled Resource Consumption High
CVE-2020-36562 was published for github.com/shiyanhui/dht (Go) Dec 28, 2022
NLnet Labs Routinator has Reachable Assertion vulnerability High
CVE-2022-3029 was published for routinator (Rust) Sep 14, 2022
`CHECK`-failures in Tensorflow High
CVE-2022-21734 was published for tensorflow (pip) Feb 10, 2022
Reachable Assertion in Tensorflow High
CVE-2022-23564 was published for tensorflow (pip) Feb 9, 2022
`CHECK`-failures in Tensorflow High
CVE-2022-23565 was published for tensorflow (pip) Feb 9, 2022
Assertion failure based denial of service in Tensorflow High
CVE-2022-21737 was published for tensorflow (pip) Feb 9, 2022
`CHECK`-fails when building invalid tensor shapes in Tensorflow High
CVE-2022-23569 was published for tensorflow (pip) Feb 9, 2022
Reachable Assertion in Tensorflow High
CVE-2022-23571 was published for tensorflow (pip) Feb 9, 2022
Crash when type cannot be specialized in Tensorflow High
CVE-2022-23572 was published for tensorflow (pip) Feb 9, 2022
Incorrect implementation in streebog High
CVE-2019-25007 was published for streebog (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API