GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,643
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
101 advisories
Filter by severity
bzip2 allows attackers to cause a denial of service via a large file that triggers an integer overflow
High
CVE-2023-22895
was published
for
bzip2
(Rust)
Jan 10, 2023
TensorFlow vulnerable to Int overflow in `RaggedRangeOp`
Moderate
CVE-2022-35940
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to integer overflow in math ops
Low
CVE-2022-36015
was published
for
tensorflow
(pip)
Sep 16, 2022
lz4-sys vulnerable to memory corruption via issue in liblz4
Critical
GHSA-9q5j-jm53-v7vr
was published
for
lz4-sys
(Rust)
Sep 1, 2022
Incorrect parsing of EVM reversion exit reason in RPC
Moderate
CVE-2022-36008
was published
for
frontier
(Rust)
Aug 18, 2022
Mapbox is vulnerable to Integer Overflow
High
CVE-2022-38216
was published
for
com.mapbox.mapboxsdk:mapbox-android-core
(Maven)
Aug 17, 2022
Apache Avro Rust SDK corrupted data read can cause crash
High
CVE-2022-36125
was published
for
apache-avro
(Rust)
Aug 10, 2022
Duplicate Advisory: Integer Overflow in HeaderMap::reserve() can cause Denial of Service
High
CVE-2019-25008
was published
for
http
(Rust)
Jun 16, 2022
•
withdrawn
`CHECK` failure in depthwise ops via overflows
Moderate
GHSA-mw6j-hh29-h379
was published
for
tensorflow
(pip)
May 25, 2022
AttesterSlashing number overflow
High
CVE-2022-29219
was published
for
@chainsafe/lodestar
(npm)
May 24, 2022
Integer overflow in `SpaceToBatchND`
Moderate
CVE-2022-29203
was published
for
tensorflow
(pip)
May 24, 2022
Integer overflow in solana_rbpf
High
CVE-2022-31264
was published
for
solana_rbpf
(Rust)
May 22, 2022
Integer overflow in BCrypt class in Spring Security
Moderate
CVE-2022-22976
was published
for
org.springframework.security:spring-security-core
(Maven)
May 20, 2022
Integer Overflow or Wraparound in libxml2 affects Nokogiri
High
GHSA-cgx6-hpwq-fhv5
was published
for
nokogiri
(RubyGems)
May 18, 2022
Integer Overflow or Wraparound in Apache Tomcat
Moderate
CVE-2014-0075
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Mercurial mishandles integer addition and subtraction
Critical
CVE-2018-13347
was published
for
mercurial
(pip)
May 13, 2022
Integer Overflow or Wraparound in JBCrypt
Moderate
CVE-2015-0886
was published
for
org.mindrot:jbcrypt
(Maven)
May 13, 2022
Buffer Overflow in yajl-ruby
Moderate
CVE-2022-24795
was published
for
yajl-ruby
(RubyGems)
Apr 5, 2022
Integer Overflow or Wraparound in Microweber
High
CVE-2022-1036
was published
for
microweber/microweber
(Composer)
Mar 23, 2022
Denial of service in microweber
High
CVE-2022-0961
was published
for
microweber/microweber
(Composer)
Mar 16, 2022
Integer Overflow in microweber
High
CVE-2022-0968
was published
for
microweber/microweber
(Composer)
Mar 16, 2022
Integer Overflow or Wraparound in Microweber
High
CVE-2022-0913
was published
for
microweber/microweber
(Composer)
Mar 12, 2022
Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption
High
CVE-2024-22051
was published
for
commonmarker
(RubyGems)
Mar 3, 2022
Denial of Service in Bytom
High
CVE-2018-18206
was published
for
github.com/bytom/bytom
(Go)
Feb 15, 2022
ProTip!
Advisories are also available from the
GraphQL API