Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,998
Erlang
29
GitHub Actions
16
Go
1,784
Maven
5,000+
npm
3,546
NuGet
620
pip
3,139
Pub
10
RubyGems
839
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
vyper's range(start, start + N) reverts for negative numbers Moderate
CVE-2024-32481 was published for vyper (pip) Apr 25, 2024
trocher
Okio Signed to Unsigned Conversion Error vulnerability Moderate
CVE-2023-3635 was published for com.squareup.okio:okio (Maven) Jul 12, 2023
trettstadtnlb adrienpessu
Besu VM vulnerable to gas allocation error in CALL operations Critical
CVE-2022-36025 was published for org.hyperledger.besu:evm (Maven) Sep 23, 2022
holiman
Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets High
CVE-2022-34169 was published for xalan:xalan (Maven) Jul 20, 2022
udengaardandersent-ELS Diddern
skuma762_uhg
Signed to Unsigned Conversion Error in Facebook Hermes High
CVE-2020-1913 was published for hermes-engine (npm) May 24, 2022
Overflow/crash in `tf.range` Moderate
CVE-2021-41202 was published for tensorflow (pip) Nov 10, 2021
Incorrect cast in anymap Critical
CVE-2021-38187 was published for anymap (Rust) Aug 25, 2021
Integer overflow due to conversion to unsigned Moderate
CVE-2021-37645 was published for tensorflow (pip) Aug 25, 2021
Bad alloc in `StringNGrams` caused by integer conversion Moderate
CVE-2021-37646 was published for tensorflow (pip) Aug 25, 2021
Crash caused by integer conversion to unsigned Moderate
CVE-2021-37661 was published for tensorflow (pip) Aug 25, 2021
Crash in NMS ops caused by integer conversion to unsigned Moderate
CVE-2021-37669 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in nested `tf.map_fn` with `RaggedTensor`s High
CVE-2021-37679 was published for tensorflow (pip) Aug 25, 2021
Segfault in tf.raw_ops.ImmutableConst Low
CVE-2021-29539 was published for tensorflow (pip) May 21, 2021
Potential DoS with NumberFilter conversion to integer values. High
CVE-2020-15225 was published for django-filter (pip) Sep 28, 2020
Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow Low
CVE-2019-16778 was published for tensorflow (pip) Dec 16, 2019
ProTip! Advisories are also available from the GraphQL API