Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,643
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

101 advisories

Loading
lz4-sys vulnerable to memory corruption via issue in liblz4 Critical
GHSA-9q5j-jm53-v7vr was published for lz4-sys (Rust) Sep 1, 2022
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0639 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
Integer Overflow or Wraparound in TensorFlow Moderate
GHSA-wcv5-vrvr-3rx2 was published for tensorflow (pip) Feb 9, 2022
Counter overflow in chacha20 High
CVE-2019-25005 was published for chacha20 (Rust) Aug 25, 2021
Integer Overflow or Wraparound in libxml2 affects Nokogiri High
GHSA-cgx6-hpwq-fhv5 was published for nokogiri (RubyGems) May 18, 2022
`CHECK` failure in depthwise ops via overflows Moderate
GHSA-mw6j-hh29-h379 was published for tensorflow (pip) May 25, 2022
Integer overflow in Pillow High
CVE-2020-5310 was published for Pillow (pip) Nov 3, 2021
Integer overflow in publify_core Critical
CVE-2022-1812 was published for publify_core (RubyGems) Jan 14, 2023
Integer Overflow or Wraparound in Microweber High
CVE-2022-0913 was published for microweber/microweber (Composer) Mar 12, 2022
Integer Overflow in microweber High
CVE-2022-0968 was published for microweber/microweber (Composer) Mar 16, 2022
Denial of service in microweber High
CVE-2022-0961 was published for microweber/microweber (Composer) Mar 16, 2022
Integer Overflow or Wraparound in Microweber High
CVE-2022-1036 was published for microweber/microweber (Composer) Mar 23, 2022
Integer bounds error in Vyper High
CVE-2022-24845 was published for vyper (pip) Apr 22, 2022
AttesterSlashing number overflow High
CVE-2022-29219 was published for @chainsafe/lodestar (npm) May 24, 2022
Integer overflow in `SpaceToBatchND` Moderate
CVE-2022-29203 was published for tensorflow (pip) May 24, 2022
Integer Overflow or Wraparound in JBCrypt Moderate
CVE-2015-0886 was published for org.mindrot:jbcrypt (Maven) May 13, 2022
Integer overflow in solana_rbpf High
CVE-2022-31264 was published for solana_rbpf (Rust) May 22, 2022
TensorFlow vulnerable to integer overflow in math ops Low
CVE-2022-36015 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to Int overflow in `RaggedRangeOp` Moderate
CVE-2022-35940 was published for tensorflow (pip) Sep 16, 2022
Apache Avro Rust SDK corrupted data read can cause crash High
CVE-2022-36125 was published for apache-avro (Rust) Aug 10, 2022
Incorrect parsing of EVM reversion exit reason in RPC Moderate
CVE-2022-36008 was published for frontier (Rust) Aug 18, 2022
Critical severity vulnerability that affects org.eclipse.jetty:jetty-server Critical
CVE-2017-7657 was published for org.eclipse.jetty:jetty-server (Maven) Oct 19, 2018
Integer Overflow or Wraparound and Use of a Broken or Risky Cryptographic Algorithm in bcrypt Moderate
CVE-2020-7689 was published for bcrypt (npm) Aug 20, 2020
CHECK-fail in AddManySparseToTensorsMap Low
CVE-2021-29523 was published for tensorflow (pip) May 21, 2021
CHECK-fail due to integer overflow Low
CVE-2021-29584 was published for tensorflow (pip) May 21, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database