Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,643
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

101 advisories

Loading
bzip2 allows attackers to cause a denial of service via a large file that triggers an integer overflow High
CVE-2023-22895 was published for bzip2 (Rust) Jan 10, 2023
tdunlap607
TensorFlow vulnerable to Int overflow in `RaggedRangeOp` Moderate
CVE-2022-35940 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to integer overflow in math ops Low
CVE-2022-36015 was published for tensorflow (pip) Sep 16, 2022
lz4-sys vulnerable to memory corruption via issue in liblz4 Critical
GHSA-9q5j-jm53-v7vr was published for lz4-sys (Rust) Sep 1, 2022
Incorrect parsing of EVM reversion exit reason in RPC Moderate
CVE-2022-36008 was published for frontier (Rust) Aug 18, 2022
Mapbox is vulnerable to Integer Overflow High
CVE-2022-38216 was published for com.mapbox.mapboxsdk:mapbox-android-core (Maven) Aug 17, 2022
billyjbryant aruneko
Apache Avro Rust SDK corrupted data read can cause crash High
CVE-2022-36125 was published for apache-avro (Rust) Aug 10, 2022
Duplicate Advisory: Integer Overflow in HeaderMap::reserve() can cause Denial of Service High
CVE-2019-25008 was published for http (Rust) Jun 16, 2022 withdrawn
matveybaykalov
`CHECK` failure in depthwise ops via overflows Moderate
GHSA-mw6j-hh29-h379 was published for tensorflow (pip) May 25, 2022
AttesterSlashing number overflow High
CVE-2022-29219 was published for @chainsafe/lodestar (npm) May 24, 2022
Integer overflow in `SpaceToBatchND` Moderate
CVE-2022-29203 was published for tensorflow (pip) May 24, 2022
Integer overflow in solana_rbpf High
CVE-2022-31264 was published for solana_rbpf (Rust) May 22, 2022
Integer overflow in BCrypt class in Spring Security Moderate
CVE-2022-22976 was published for org.springframework.security:spring-security-core (Maven) May 20, 2022
SunBK201
Integer Overflow or Wraparound in libxml2 affects Nokogiri High
GHSA-cgx6-hpwq-fhv5 was published for nokogiri (RubyGems) May 18, 2022
Integer Overflow or Wraparound in Apache Tomcat Moderate
CVE-2014-0075 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Mercurial mishandles integer addition and subtraction Critical
CVE-2018-13347 was published for mercurial (pip) May 13, 2022
Integer Overflow or Wraparound in JBCrypt Moderate
CVE-2015-0886 was published for org.mindrot:jbcrypt (Maven) May 13, 2022
Integer bounds error in Vyper High
CVE-2022-24845 was published for vyper (pip) Apr 22, 2022
Buffer Overflow in yajl-ruby Moderate
CVE-2022-24795 was published for yajl-ruby (RubyGems) Apr 5, 2022
jhawthorn
Integer Overflow or Wraparound in Microweber High
CVE-2022-1036 was published for microweber/microweber (Composer) Mar 23, 2022
Denial of service in microweber High
CVE-2022-0961 was published for microweber/microweber (Composer) Mar 16, 2022
Integer Overflow in microweber High
CVE-2022-0968 was published for microweber/microweber (Composer) Mar 16, 2022
Integer Overflow or Wraparound in Microweber High
CVE-2022-0913 was published for microweber/microweber (Composer) Mar 12, 2022
Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption High
CVE-2024-22051 was published for commonmarker (RubyGems) Mar 3, 2022
Denial of Service in Bytom High
CVE-2018-18206 was published for github.com/bytom/bytom (Go) Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database