GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories: All reviewed 5,000+; Composer 3,976; Erlang 29; GitHub Actions 16; Go 1,765; Maven 4,990; npm 3,534; NuGet 615; pip 3,103; Pub 10; RubyGems 837; Rust 785; Swift 34
Unreviewed advisories: All unreviewed 5,000+
159 advisories
Default functions in VolatileMemory trait lack bounds checks, potentially leading to out-of-bounds memory accesses
Severity: Low. CVE-2023-41051 was published for vm-memory (Rust), Sep 4, 2023
Out of bounds access in lucet-runtime-internals
Severity: Critical. CVE-2020-35859 was published for lucet-runtime-internals (Rust), Aug 25, 2021
Markdown vulnerable to Out-of-bounds Read while parsing citations
Severity: High. CVE-2023-42821 was published for github.com/gomarkdown/markdown (Go), Sep 22, 2023
hson-java vulnerable to denial of service
Severity: High. CVE-2023-39685 was published for org.hjson:hjson (Maven), Sep 1, 2023
ChakraCore RCE Vulnerability
Severity: High. CVE-2018-8139 was published for Microsoft.ChakraCore (NuGet), May 13, 2022
golang.org/x/text/language Out-of-bounds Read vulnerability
Severity: High. CVE-2021-38561 was published for golang.org/x/text (Go), Dec 26, 2022
Out of bounds write in grappler in Tensorflow
Severity: High. CVE-2022-41902 was published for tensorflow (pip), Nov 21, 2022
Ox gem stack overflow in sax_parse
Severity: Moderate. CVE-2017-16229 was published for ox (RubyGems), Mar 5, 2018
Aubio is vulnerable to out of bound read when samplerate > 50kHz
Severity: High. CVE-2018-14523 was published for aubio (pip), May 13, 2022
Denial of service or RCE from libxml2 and libxslt
Severity: High. CVE-2015-8806 was published for nokogiri (RubyGems), Sep 17, 2018
Panic during unmarshal of Hello Verify Request in github.com/pion/dtls/v2
Severity: Moderate. GHSA-hxp2-xqf3-v83h was published for github.com/pion/dtls (Go), Feb 7, 2023
Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime
Severity: Moderate. CVE-2021-39218 was published for wasmtime (Rust), Sep 20, 2021
Out of bounds read in lazy-init
Severity: Moderate. CVE-2021-25901 was published for lazy-init (Rust), Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API