Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

184 advisories

Loading
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat High
CVE-2016-6817 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Improper Restriction of Operations within the Bounds of a Memory Buffer in python-cjson Moderate
CVE-2010-1666 was published for python-cjson (pip) May 17, 2022
Pillow Buffer overflow in Jpeg2KEncode.c High
CVE-2016-3076 was published for pillow (pip) May 17, 2022
Pillow Buffer overflow in ImagingFliDecode High
CVE-2016-0775 was published for Pillow (pip) Jul 24, 2018
Pillow Buffer overflow in ImagingLibTiffDecode Moderate
CVE-2016-0740 was published for pillow (pip) Jul 24, 2018
Pillow buffer overflow in ImagingPcdDecode High
CVE-2016-2533 was published for pillow (pip) Jul 24, 2018
Pillow Integer overflow in ImagingResampleHorizontal Critical
CVE-2016-4009 was published for pillow (pip) Jul 24, 2018
MindSpore vulnerable to memory corruption Moderate
CVE-2023-2970 was published for mindspore (pip) May 30, 2023
Dulwich Buffer Overflow when handling pack files Critical
CVE-2015-0838 was published for dulwich (pip) May 17, 2022
Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer High
CVE-2012-3444 was published for Django (pip) May 17, 2022
sunSUNQ
Potential memory corruption in arrayfire Critical
CVE-2018-20998 was published for arrayfire (pip) Aug 25, 2021
westonsteimel
Aubio is vulnerable to denial of service via aubio_source_avcodec_readframe function High
CVE-2018-14521 was published for aubio (pip) May 14, 2022
Aubio is vulnerable to denial of service via aubio_pitch_set_unit function High
CVE-2018-14522 was published for aubio (pip) May 14, 2022
aubio Buffer Overflow vulnerability Critical
CVE-2018-19800 was published for aubio (pip) Jul 26, 2019
Denial of service in tensorflow-lite Moderate
CVE-2020-15213 was published for tensorflow (pip) Sep 25, 2020
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow High
CVE-2018-8825 was published for tensorflow (pip) Apr 24, 2019
tdunlap607
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow High
CVE-2018-10055 was published for tensorflow (pip) Apr 30, 2019
ChakraCore RCE Vulnerability High
CVE-2016-7200 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
ChakraCore RCE Vulnerability High
CVE-2016-7201 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
Eclipse Vert.x memory leak Moderate
CVE-2024-1023 was published for io.vertx:vertx-core (Maven) Mar 27, 2024
marcelstoer
PartialBufferOutputStream2 flush issues Moderate
CVE-2008-7227 was published for org.geoserver.web:gs-web-app (Maven) May 17, 2022 withdrawn
jodygarnett
protobuf-cpp and protobuf-python have potential Denial of Service issue High
CVE-2022-1941 was published for protobuf (pip) Sep 23, 2022
kse3hi
Vyper's external calls can overflow return data to return input buffer Low
CVE-2024-24560 was published for vyper (pip) Feb 2, 2024
zobront
Vyper's `_abi_decode` vulnerable to Memory Overflow Low
CVE-2024-26149 was published for vyper (pip) Feb 26, 2024
minaminao-osec
Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC High
CVE-2024-36129 was published for go.opentelemetry.io/collector/config/configgrpc (Go) Jun 5, 2024
jpkrohling arminru
mx-psi stamparm
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database