GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
5,265 advisories
Filter by severity
Heap OOB in `FusedBatchNorm` kernels
High
CVE-2021-41223
was published
for
tensorflow
(pip)
Nov 10, 2021
Arbitrary memory read in `ImmutableConst`
Moderate
CVE-2021-41227
was published
for
tensorflow
(pip)
Nov 10, 2021
Out-of-bounds Read in OpenCV
Moderate
CVE-2019-19624
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Out-of-bounds Read in OpenCV
Moderate
CVE-2019-16249
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Out-of-bounds Read and Out-of-bounds Write in OpenCV
High
CVE-2019-14492
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Out-of-bounds Read in OpenCV
High
CVE-2019-14491
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Out-of-bounds Read in OpenCV
High
CVE-2017-18009
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Out-of-bounds Read in OpenCV
High
CVE-2017-12599
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Out-of-bounds Read in OpenCV
High
CVE-2017-12598
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime
Moderate
CVE-2021-39218
was published
for
wasmtime
(Rust)
Sep 20, 2021
Uncontrolled Resource Consumption in pillow
High
CVE-2021-23437
was published
for
pillow
(pip)
Sep 7, 2021
Memory access due to code generation flaw in Cranelift module
High
CVE-2021-32629
was published
for
cranelift-codegen
(Rust)
Aug 25, 2021
Out of bounds read in lazy-init
Moderate
CVE-2021-25901
was published
for
lazy-init
(Rust)
Aug 25, 2021
Out of bounds read in simple-slab
Critical
CVE-2020-35892
was published
for
simple-slab
(Rust)
Aug 25, 2021
Out of bounds access in lucet-runtime-internals
Critical
CVE-2020-35859
was published
for
lucet-runtime-internals
(Rust)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API