Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

97 advisories

Loading
Exiv2 has an out-of-bounds read in QuickTimeVideo::NikonTagsDecoder Moderate
CVE-2024-24826 was published for exiv2 (pip) Oct 17, 2024
PyMongo Out-of-bounds Read in the bson module Moderate
CVE-2024-5629 was published for pymongo (pip) Jun 5, 2024
PyMongo Out-of-bounds Read in the bson module Moderate
GHSA-cr6f-gf5w-vhrc was published for pymongo (pip) Apr 6, 2024 withdrawn
Vyper's `extract32` can ready dirty memory Low
CVE-2024-24564 was published for vyper (pip) Feb 26, 2024
trocher
Onnx Out-of-bounds Read vulnerability Moderate
CVE-2024-27319 was published for onnx (pip) Feb 23, 2024
iarspider
PaddlePaddle segfault in paddle.mode Moderate
CVE-2023-38678 was published for PaddlePaddle (pip) Jan 3, 2024
TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch High
CVE-2023-25659 was published for tensorflow (pip) Mar 24, 2023
dengyinlin
TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation Critical
CVE-2023-25668 was published for tensorflow (pip) Mar 24, 2023
TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad High
CVE-2023-25658 was published for tensorflow (pip) Mar 24, 2023
PaddlePaddle Out-of-bounds Read vulnerability Critical
CVE-2022-46741 was published for paddlepaddle (pip) Dec 7, 2022
Tensorflow vulnerable to Out-of-Bounds Read Moderate
CVE-2022-41880 was published for tensorflow (pip) Nov 22, 2022
Heap overflow in `QuantizeAndDequantizeV2` Moderate
CVE-2022-41910 was published for tensorflow (pip) Nov 21, 2022
Out of bounds write in grappler in Tensorflow High
CVE-2022-41902 was published for tensorflow (pip) Nov 21, 2022
w0j73k
FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess High
CVE-2022-41900 was published for tensorflow (pip) Nov 21, 2022
`FractionalMaxPoolGrad` Heap out of bounds read Moderate
CVE-2022-41897 was published for tensorflow (pip) Nov 21, 2022
`MirrorPadGrad` heap out of bounds read Moderate
CVE-2022-41895 was published for tensorflow (pip) Nov 21, 2022
Out of bounds segmentation fault due to unequal op inputs in Tensorflow Moderate
CVE-2022-41883 was published for tensorflow (pip) Nov 21, 2022
TensorFlow vulnerable to heap out of bounds read in filesystem glob matching Critical
CVE-2020-26269 was published for tensorflow (pip) Oct 7, 2022
TensorFlow vulnerable to OOB read in `Gather_nd` in TF Lite High
CVE-2022-35937 was published for tensorflow (pip) Sep 16, 2022
WASM3 segmentation fault Moderate
CVE-2022-34529 was published for pywasm3 (pip) Jul 28, 2022
Asterix Heap-based Buffer Overflow Critical
CVE-2021-44144 was published for asterix_decoder (pip) May 24, 2022
Open Chinese Convert subject to Denial of Service via Out-of-bounds Read Moderate
CVE-2018-16982 was published for OpenCC (npm) May 14, 2022
richardfan0606 DanBeard
Mercurial Out-of-bounds Read vulnerability High
CVE-2018-17983 was published for mercurial (pip) May 14, 2022
Aubio is vulnerable to out of bound read when samplerate > 50kHz High
CVE-2018-14523 was published for aubio (pip) May 13, 2022
Out-of-bounds read in admesh High
CVE-2018-25033 was published for admesh (pip) May 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database