GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,965
Erlang
29
GitHub Actions
16
Go
1,747
Maven
4,975
npm
3,507
NuGet
609
pip
3,071
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
48 advisories
Filter by severity
PyMongo Out-of-bounds Read in the bson module
Moderate
CVE-2024-5629
was published
for
pymongo
(pip)
Jun 5, 2024
PyMongo Out-of-bounds Read in the bson module
Moderate
GHSA-cr6f-gf5w-vhrc
was published
for
pymongo
(pip)
Apr 6, 2024
•
withdrawn
iq80 Snappy out-of-bounds read when uncompressing data, leading to JVM crash
Moderate
CVE-2024-36124
was published
for
org.iq80.snappy:snappy
(Maven)
Jun 4, 2024
Onnx Out-of-bounds Read vulnerability
Moderate
CVE-2024-27319
was published
for
onnx
(pip)
Feb 23, 2024
PaddlePaddle segfault in paddle.mode
Moderate
CVE-2023-38678
was published
for
PaddlePaddle
(pip)
Jan 3, 2024
Ox gem stack overflow in sax_parse
Moderate
CVE-2017-16229
was published
for
ox
(RubyGems)
Mar 5, 2018
Panic during unmarshal of Hello Verify Request in github.com/pion/dtls/v2
Moderate
GHSA-hxp2-xqf3-v83h
was published
for
github.com/pion/dtls
(Go)
Feb 7, 2023
Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime
Moderate
CVE-2021-39218
was published
for
wasmtime
(Rust)
Sep 20, 2021
Out of bounds read in lazy-init
Moderate
CVE-2021-25901
was published
for
lazy-init
(Rust)
Aug 25, 2021
Out-of-bounds Read in base64url
Moderate
GHSA-rvg8-pwq2-xj7q
was published
for
base64url
(npm)
Sep 1, 2020
Versionize::deserialize implementation for FamStructWrapper<T> is lacking bound checks, potentially leading to out of bounds memory accesses
Moderate
CVE-2023-28448
was published
for
versionize
(Rust)
Mar 24, 2023
Wasmtime out of bounds read/write with zero-memory-pages configuration
Moderate
CVE-2022-39392
was published
for
wasmtime
(Rust)
Nov 10, 2022
Out-of-bounds Read in iText
Moderate
CVE-2022-24198
was published
for
com.itextpdf:itext7-core
(Maven)
Feb 2, 2022
partial_sort contains Out-of-bounds Read in release mode
Moderate
GHSA-5x36-7567-3cw6
was published
for
partial_sort
(Rust)
Feb 28, 2023
Open Chinese Convert subject to Denial of Service via Out-of-bounds Read
Moderate
CVE-2018-16982
was published
for
OpenCC
(npm)
May 14, 2022
Denial of service in geth
Moderate
CVE-2020-26242
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
ProTip!
Advisories are also available from the
GraphQL API