GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
68 advisories
Filter by severity
Vapor vulnerable to denial of service in URLEncodedFormDecoder
High
CVE-2022-31019
was published
for
github.com/vapor/vapor
(Swift)
Jun 7, 2023
TensorFlow has Heap-buffer-overflow in AvgPoolGrad
High
CVE-2023-25664
was published
for
tensorflow
(pip)
Mar 24, 2023
node-bluetooth is vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation
Critical
CVE-2023-26110
was published
for
node-bluetooth
(npm)
Mar 9, 2023
node-bluetooth-serial-port is vulnerable to Buffer Overflow via the findSerialPortChannel
Critical
CVE-2023-26109
was published
for
node-bluetooth-serial-port
(npm)
Mar 9, 2023
XStream can cause Denial of Service via stack overflow
High
CVE-2022-41966
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Dec 29, 2022
Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite
High
CVE-2022-41894
was published
for
tensorflow
(pip)
Nov 21, 2022
X.509 Email Address 4-byte Buffer Overflow
Critical
CVE-2022-3602
was published
for
openssl-src
(Rust)
Nov 1, 2022
X.509 Email Address Variable Length Buffer Overflow
High
CVE-2022-3786
was published
for
openssl-src
(Rust)
Nov 1, 2022
Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2
Critical
CVE-2021-37404
was published
for
org.apache.hadoop:hadoop-common
(Maven)
Jun 14, 2022
Heap buffer overflow due to incorrect hash function in TensorFlow
Moderate
CVE-2022-29210
was published
for
tensorflow
(pip)
May 24, 2022
Pion/DTLS contains buffer for inbound DTLS fragments with no limit
Moderate
CVE-2022-29189
was published
for
github.com/pion/dtls
(Go)
May 24, 2022
SM2 Decryption Buffer Overflow
Critical
CVE-2021-3711
was published
for
openssl-src
(Rust)
May 24, 2022
Integer overflow in the bundled Brotli C library
Moderate
CVE-2020-8927
was published
for
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm
(NuGet)
May 24, 2022
Buffer Copy without Checking Size of Input in Pillow
Critical
CVE-2020-5311
was published
for
pillow
(pip)
May 24, 2022
Buffer overflow in Jenkins WMI Windows Agents plugin
Moderate
CVE-2022-30950
was published
for
org.jenkins-ci.plugins:windows-slaves
(Maven)
May 18, 2022
Twisted SSH client and server deny of service during SSH handshake.
High
CVE-2022-21716
was published
for
twisted
(pip)
Mar 3, 2022
Buffer Overflow in galois_2p8
Critical
CVE-2022-24988
was published
for
galois_2p8
(Rust)
Feb 15, 2022
Buffer Copy without Checking Size of Input in NumPy
Moderate
CVE-2021-41496
was published
for
numpy
(pip)
Feb 8, 2022
Heap buffer overflow in `Transpose`
Moderate
CVE-2021-41216
was published
for
tensorflow
(pip)
Nov 10, 2021
ProTip!
Advisories are also available from the
GraphQL API