Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,612
NuGet
638
pip
3,210
Pub
10
RubyGems
853
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

49 advisories

Loading
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation. Moderate
CVE-2024-29857 was published for BouncyCastle (Maven) May 14, 2024
levpachmanov
Heap OOB in TFLite's `Gather*` implementations Moderate
CVE-2021-37687 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in TFLite Moderate
CVE-2021-37685 was published for tensorflow (pip) Aug 25, 2021
Out-of-bounds read in TensorFlow possibly causing disclosure of the contents of process memory. Moderate
CVE-2018-21233 was published for tensorflow (pip) May 13, 2020
Out of bounds access in tensorflow-lite Moderate
CVE-2020-15211 was published for tensorflow (pip) Sep 25, 2020
PyMongo Out-of-bounds Read in the bson module Moderate
CVE-2024-5629 was published for pymongo (pip) Jun 5, 2024
PyMongo Out-of-bounds Read in the bson module Moderate
GHSA-cr6f-gf5w-vhrc was published for pymongo (pip) Apr 6, 2024 withdrawn
iq80 Snappy out-of-bounds read when uncompressing data, leading to JVM crash Moderate
CVE-2024-36124 was published for org.iq80.snappy:snappy (Maven) Jun 4, 2024
Onnx Out-of-bounds Read vulnerability Moderate
CVE-2024-27319 was published for onnx (pip) Feb 23, 2024
iarspider
Out-of-bounds read in Pillow Moderate
CVE-2020-10378 was published for Pillow (pip) Nov 3, 2021
sunSUNQ
Out-of-bounds reads in Pillow Moderate
CVE-2020-10177 was published for Pillow (pip) Jul 27, 2020
sunSUNQ
Pillow Out-of-bounds Read Moderate
CVE-2020-35655 was published for Pillow (pip) Mar 18, 2021
sunSUNQ
PaddlePaddle segfault in paddle.mode Moderate
CVE-2023-38678 was published for PaddlePaddle (pip) Jan 3, 2024
Buffer under-read in workerd Moderate
CVE-2023-2512 was published for workerd (npm) May 12, 2023
ubercomp
Out-of-bounds reads in Pillow Moderate
CVE-2020-10994 was published for Pillow (pip) Jul 27, 2020
Out-of-bounds Read in Pillow Moderate
CVE-2022-22816 was published for Pillow (pip) Jan 12, 2022
tdunlap607
Ox gem stack overflow in sax_parse Moderate
CVE-2017-16229 was published for ox (RubyGems) Mar 5, 2018
WASM3 segmentation fault Moderate
CVE-2022-34529 was published for pywasm3 (pip) Jul 28, 2022
Panic during unmarshal of Hello Verify Request in github.com/pion/dtls/v2 Moderate
GHSA-hxp2-xqf3-v83h was published for github.com/pion/dtls (Go) Feb 7, 2023
Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime Moderate
CVE-2021-39218 was published for wasmtime (Rust) Sep 20, 2021
cfallin fitzgen
Out of bounds read in lazy-init Moderate
CVE-2021-25901 was published for lazy-init (Rust) Aug 25, 2021
Out of bounds read in dync Moderate
CVE-2020-35903 was published for dync (Rust) Aug 25, 2021
Out-of-bounds Read in base64url Moderate
GHSA-rvg8-pwq2-xj7q was published for base64url (npm) Sep 1, 2020
tdunlap607
Versionize::deserialize implementation for FamStructWrapper<T> is lacking bound checks, potentially leading to out of bounds memory accesses Moderate
CVE-2023-28448 was published for versionize (Rust) Mar 24, 2023
Wasmtime out of bounds read/write with zero-memory-pages configuration Moderate
CVE-2022-39392 was published for wasmtime (Rust) Nov 10, 2022
alexcrichton
ProTip! Advisories are also available from the GraphQL API