Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,227
Erlang
31
GitHub Actions
19
Go
1,991
Maven
5,000+
npm
3,708
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

68 advisories

Loading
Buffer Overflow in node-weakauras-parser Moderate
GHSA-86mr-6m89-vgj3 was published for node-weakauras-parser (npm) Sep 3, 2020
Buffer overflow in deprecated USB HALs and stack overflow in USB enumeration Low
GHSA-f366-4rvv-95x2 was published for cryptoauthlib (pip) Oct 2, 2020
Buffer Overflow in vyper High
CVE-2022-24788 was published for vyper (pip) Apr 20, 2022
Buffer Copy without Checking Size of Input in NumPy Moderate
CVE-2021-41496 was published for numpy (pip) Feb 8, 2022
Buffer overflow in Jenkins WMI Windows Agents plugin Moderate
CVE-2022-30950 was published for org.jenkins-ci.plugins:windows-slaves (Maven) May 18, 2022
NotMyFault
Buffer overflow in canvas High
CVE-2020-8215 was published for canvas (npm) May 7, 2021
Improper Restriction of Operations within the Bounds of a Memory Buffer in OpenCV High
CVE-2017-12601 was published for opencv-contrib-python (pip) Oct 12, 2021
Classic Buffer Overflow in pyo High
CVE-2021-41499 was published for pyo (pip) Jan 7, 2022
X.509 Email Address Variable Length Buffer Overflow High
CVE-2022-3786 was published for openssl-src (Rust) Nov 1, 2022
node-bluetooth is vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation Critical
CVE-2023-26110 was published for node-bluetooth (npm) Mar 9, 2023
node-bluetooth-serial-port is vulnerable to Buffer Overflow via the findSerialPortChannel Critical
CVE-2023-26109 was published for node-bluetooth-serial-port (npm) Mar 9, 2023
TensorFlow has Heap-buffer-overflow in AvgPoolGrad High
CVE-2023-25664 was published for tensorflow (pip) Mar 24, 2023
Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite High
CVE-2022-41894 was published for tensorflow (pip) Nov 21, 2022
richardfan0606
Out-of-bounds Write in OpenCV High
CVE-2019-5064 was published for opencv-contrib-python (pip) Oct 12, 2021
harlekeyn
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr Critical
CVE-2020-35887 was published for arr (Rust) Aug 25, 2021
Uncontrolled Resource Consumption in LengthPrefixedMessageReader High
CVE-2021-36155 was published for github.com/grpc/grpc-swift (Swift) Jun 9, 2023
Overflow in prost-types High
CVE-2021-38192 was published for prost-types (Rust) Aug 25, 2021
tdunlap607
Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2 Critical
CVE-2021-37404 was published for org.apache.hadoop:hadoop-common (Maven) Jun 14, 2022
XStream can cause Denial of Service via stack overflow High
CVE-2022-41966 was published for com.thoughtworks.xstream:xstream (Maven) Dec 29, 2022
Heap buffer overflow due to incorrect hash function in TensorFlow Moderate
CVE-2022-29210 was published for tensorflow (pip) May 24, 2022
Vapor vulnerable to denial of service in URLEncodedFormDecoder High
CVE-2022-31019 was published for github.com/vapor/vapor (Swift) Jun 7, 2023
weissi
Buffer Overflow in galois_2p8 Critical
CVE-2022-24988 was published for galois_2p8 (Rust) Feb 15, 2022
X.509 Email Address 4-byte Buffer Overflow Critical
CVE-2022-3602 was published for openssl-src (Rust) Nov 1, 2022
Pion/DTLS contains buffer for inbound DTLS fragments with no limit Moderate
CVE-2022-29189 was published for github.com/pion/dtls (Go) May 24, 2022
Twisted SSH client and server deny of service during SSH handshake. High
CVE-2022-21716 was published for twisted (pip) Mar 3, 2022
Idan-D vin01
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database