GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,154
Erlang
30
GitHub Actions
19
Go
1,966
Maven
5,000+
npm
3,694
NuGet
653
pip
3,311
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+
119 advisories
Filter by severity
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow
High
CVE-2018-10055
was published
for
tensorflow
(pip)
Apr 30, 2019
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow
High
CVE-2018-8825
was published
for
tensorflow
(pip)
Apr 24, 2019
Py-EVM is vulnerable to arbitrary bytecode injection
High
CVE-2018-18920
was published
for
py-evm
(pip)
Nov 21, 2018
PyFriBidi Buffer overflow in the fribidi_utf8_to_unicode function
High
CVE-2012-1176
was published
for
pyfribidi
(pip)
May 17, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat
High
CVE-2016-6817
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Pillow Buffer overflow in Jpeg2KEncode.c
High
CVE-2016-3076
was published
for
pillow
(pip)
May 17, 2022
Pillow Buffer overflow in ImagingFliDecode
High
CVE-2016-0775
was published
for
Pillow
(pip)
Jul 24, 2018
Pillow buffer overflow in ImagingPcdDecode
High
CVE-2016-2533
was published
for
pillow
(pip)
Jul 24, 2018
Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer
High
CVE-2012-3444
was published
for
Django
(pip)
May 17, 2022
Aubio is vulnerable to denial of service via aubio_source_avcodec_readframe function
High
CVE-2018-14521
was published
for
aubio
(pip)
May 14, 2022
Aubio is vulnerable to denial of service via aubio_pitch_set_unit function
High
CVE-2018-14522
was published
for
aubio
(pip)
May 14, 2022
ChakraCore RCE Vulnerability
High
CVE-2016-7200
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
ChakraCore RCE Vulnerability
High
CVE-2016-7201
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
protobuf-cpp and protobuf-python have potential Denial of Service issue
High
CVE-2022-1941
was published
for
protobuf
(pip)
Sep 23, 2022
Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC
High
CVE-2024-36129
was published
for
go.opentelemetry.io/collector/config/configgrpc
(Go)
Jun 5, 2024
golang.org/x/net/html has Improper Restriction of Operations within the Bounds of a Memory Buffer
High
CVE-2018-17847
was published
for
golang.org/x/net
(Go)
May 13, 2022
golang.org/x/net/html has Improper Restriction of Operations within the Bounds of a Memory Buffer
High
CVE-2018-17143
was published
for
golang.org/x/net
(Go)
May 13, 2022
Handling untrusted input can result in a crash, leading to loss of availability / denial of service
High
CVE-2024-30253
was published
for
@solana/web3.js
(npm)
Apr 17, 2024
Apache Tomcat DoS via Malicious Get Request
High
CVE-2002-2272
was published
for
org.apache.tomcat:tomcat
(Maven)
Apr 30, 2022
ChakraCore RCE Vulnerability
High
CVE-2016-3386
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
ChakraCore RCE Vulnerability
High
CVE-2016-0024
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
ChakraCore RCE Vulnerability
High
CVE-2016-0186
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
ChakraCore RCE Vulnerability
High
CVE-2016-0191
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
ChakraCore RCE Vulnerability
High
CVE-2016-0193
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API