Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

96 advisories

Loading
PyMongo Out-of-bounds Read in the bson module Moderate
CVE-2024-5629 was published for pymongo (pip) Jun 5, 2024
PyMongo Out-of-bounds Read in the bson module Moderate
GHSA-cr6f-gf5w-vhrc was published for pymongo (pip) Apr 6, 2024 withdrawn
Mercurial Out-of-bounds Read vulnerability Critical
CVE-2018-17983 was published for mercurial (pip) May 14, 2022
Onnx Out-of-bounds Read vulnerability Moderate
CVE-2024-27319 was published for onnx (pip) Feb 23, 2024
iarspider
Uncontrolled Resource Consumption in pillow High
CVE-2021-23437 was published for pillow (pip) Sep 7, 2021
TensorFlow vulnerable to heap out of bounds read in filesystem glob matching Critical
CVE-2020-26269 was published for tensorflow (pip) Oct 7, 2022
Asterix Heap-based Buffer Overflow Critical
CVE-2021-44144 was published for asterix_decoder (pip) May 24, 2022
Out-of-bounds read in Pillow Moderate
CVE-2020-10378 was published for Pillow (pip) Nov 3, 2021
sunSUNQ
Out-of-bounds reads in Pillow Moderate
CVE-2020-10177 was published for Pillow (pip) Jul 27, 2020
sunSUNQ
Pillow Out-of-bounds Read Moderate
CVE-2020-35655 was published for Pillow (pip) Mar 18, 2021
sunSUNQ
Out of bounds read in Pillow High
CVE-2021-25293 was published for Pillow (pip) Mar 29, 2021
sunSUNQ
Out of bounds read in Pillow High
CVE-2021-25291 was published for Pillow (pip) Mar 29, 2021
tdunlap607 sunSUNQ
Vyper's `extract32` can ready dirty memory Low
CVE-2024-24564 was published for vyper (pip) Feb 26, 2024
trocher
PaddlePaddle segfault in paddle.mode Moderate
CVE-2023-38678 was published for PaddlePaddle (pip) Jan 3, 2024
Out of bounds write in grappler in Tensorflow High
CVE-2022-41902 was published for tensorflow (pip) Nov 21, 2022
w0j73k
typed-ast Out-of-bounds Read High
CVE-2019-19274 was published for typed-ast (pip) Dec 2, 2019
typed-ast Out-of-bounds Read High
CVE-2019-19275 was published for typed-ast (pip) Dec 2, 2019
Out-of-bounds Read in Pillow High
CVE-2020-5313 was published for Pillow (pip) Apr 1, 2020
Out-of-bounds reads in Pillow Moderate
CVE-2020-10994 was published for Pillow (pip) Jul 27, 2020
Out-of-bounds Read in Pillow Moderate
CVE-2022-22816 was published for Pillow (pip) Jan 12, 2022
tdunlap607
Pillow Out-of-bounds Read High
CVE-2020-35653 was published for Pillow (pip) Mar 18, 2021
WASM3 segmentation fault Moderate
CVE-2022-34529 was published for pywasm3 (pip) Jul 28, 2022
Aubio is vulnerable to out of bound read when samplerate > 50kHz High
CVE-2018-14523 was published for aubio (pip) May 13, 2022
TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation Critical
CVE-2023-25668 was published for tensorflow (pip) Mar 24, 2023
TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch High
CVE-2023-25659 was published for tensorflow (pip) Mar 24, 2023
dengyinlin
ProTip! Advisories are also available from the GraphQL API