Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

399 advisories

Loading
protobuf susceptible to buffer overflow High
CVE-2015-5237 was published for Google.Protobuf (Composer) May 13, 2022
Out-of-bounds Write in zlib affects Nokogiri High
GHSA-v6gp-9mmm-c6p5 was published for nokogiri (RubyGems) Apr 11, 2022
Nokogiri affected by zlib's Out-of-bounds Write vulnerability High
CVE-2018-25032 was published for nokogiri (RubyGems) Mar 26, 2022
Deeply nested json in jackson-databind High
CVE-2020-36518 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Mar 12, 2022
farbeiza-enverus stickycode
mr-c victornoel guima Zeouterlimits joschi JoshDM sunSUNQ
Credited to farbeiza-enverus, stickycode, mr-c, victornoel, guima, Zeouterlimits, joschi, JoshDM, and sunSUNQ
Out of bounds read in json-smart High
CVE-2021-31684 was published for net.minidev:json-smart (Maven) Feb 10, 2022
afdesk
Credited to afdesk
Out-of-bounds Write in Play Framework High
CVE-2020-27196 was published for com.typesafe.play:play (Maven) Feb 10, 2022
Out of bounds write in Tensorflow High
CVE-2022-23566 was published for tensorflow (pip) Feb 9, 2022
Out of bounds write in TFLite High
CVE-2022-23561 was published for tensorflow (pip) Feb 9, 2022
Read and Write outside of bounds in TensorFlow High
CVE-2022-23560 was published for tensorflow (pip) Feb 9, 2022
Heap overflow in Tensorflow High
CVE-2022-21740 was published for tensorflow (pip) Feb 9, 2022
Out of bounds read and write in Tensorflow High
CVE-2022-23574 was published for tensorflow (pip) Feb 9, 2022
Out-of-bounds Write in iText Moderate
CVE-2022-24197 was published for com.itextpdf:itext7-core (Maven) Feb 2, 2022
UltraJSON vulnerable to Out-of-bounds Write Moderate
CVE-2021-45958 was published for ujson (pip) Jan 21, 2022
JustAnotherArchivist
Credited to JustAnotherArchivist
Out-of-bounds Write in actix-web Critical
CVE-2018-25024 was published for actix-web (Rust) Jan 6, 2022
Out-of-bounds Write in actix-web Critical
CVE-2018-25026 was published for actix-web (Rust) Jan 6, 2022
Out-of-bounds Write in actix-web Critical
CVE-2018-25025 was published for actix-web (Rust) Jan 6, 2022
Out-of-bounds Write in derive-com-impl High
CVE-2021-45681 was published for derive-com-impl (Rust) Jan 6, 2022
Out-of-bounds Write in vec-const High
CVE-2021-45680 was published for vec-const (Rust) Jan 6, 2022
Out-of-bounds Write and Race Condition in metrics-util High
CVE-2021-45704 was published for metrics-util (Rust) Jan 6, 2022
Out-of-bounds Write in nix Moderate
CVE-2021-45707 was published for nix (Rust) Jan 6, 2022
Polyhistorian
Credited to Polyhistorian
Integer Overflow in png-img High
CVE-2020-28248 was published for png-img (npm) Dec 10, 2021
Memory exhaustion in routinator High
CVE-2021-43174 was published for routinator (Rust) Nov 11, 2021
Heap buffer overflow in `Transpose` Moderate
CVE-2021-41216 was published for tensorflow (pip) Nov 10, 2021
Access to invalid memory during shape inference in `Cudnn*` ops High
CVE-2021-41221 was published for tensorflow (pip) Nov 10, 2021
Out-of-bounds Write in OpenCV. Moderate
CVE-2018-5268 was published for opencv-contrib-python (pip) Oct 12, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database