GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
161 advisories
Filter by severity
Exiv2 has an out-of-bounds read in QuickTimeVideo::NikonTagsDecoder
Moderate
CVE-2024-24826
was published
for
exiv2
(pip)
Oct 17, 2024
Pillow Out-of-bounds Read vulnerability
High
CVE-2021-25288
was published
for
Pillow
(pip)
Jun 8, 2021
Uncontrolled Resource Consumption in pillow
High
CVE-2021-23437
was published
for
pillow
(pip)
Sep 7, 2021
Vyper's `extract32` can ready dirty memory
Low
CVE-2024-24564
was published
for
vyper
(pip)
Feb 26, 2024
Out-of-bounds Read in Onionshare
High
CVE-2022-21688
was published
for
onionshare-cli
(pip)
Jan 21, 2022
Mercurial Out-of-bounds Read vulnerability
High
CVE-2018-17983
was published
for
mercurial
(pip)
May 14, 2022
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
Moderate
CVE-2024-29857
was published
for
BouncyCastle
(Maven)
May 14, 2024
Asterix Heap-based Buffer Overflow
Critical
CVE-2021-44144
was published
for
asterix_decoder
(pip)
May 24, 2022
Aubio is vulnerable to out of bound read when samplerate > 50kHz
High
CVE-2018-14523
was published
for
aubio
(pip)
May 13, 2022
Heap OOB in TFLite's `Gather*` implementations
Moderate
CVE-2021-37687
was published
for
tensorflow
(pip)
Aug 25, 2021
Heap OOB read in TFLite's implementation of `Minimum` or `Maximum`
Low
CVE-2021-29590
was published
for
tensorflow
(pip)
May 21, 2021
ProTip!
Advisories are also available from the
GraphQL API