GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,130 advisories
Filter by severity
Overflow/crash in `tf.image.resize` when size is large
Moderate
CVE-2021-41199
was published
for
tensorflow
(pip)
Nov 10, 2021
Missing validation during checkpoint loading
High
CVE-2021-41203
was published
for
tensorflow
(pip)
Nov 10, 2021
Integer Overflow or Wraparound in OpenCV.
High
CVE-2017-1000450
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Integer Overflow or Wraparound in OpenCV
High
CVE-2017-12864
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Integer Overflow or Wraparound in OpenCV
High
CVE-2017-12863
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Integer Overflow/Infinite Loop in the http crate
High
CVE-2020-25574
was published
for
http
(Rust)
Aug 25, 2021
Integer Overflow in openssl-src
Moderate
CVE-2021-23841
was published
for
openssl-src
(Rust)
Aug 25, 2021
Integer Overflow in openssl-src
High
CVE-2021-23840
was published
for
openssl-src
(Rust)
Aug 25, 2021
Integer Overflow in Chunked Transfer-Encoding
Moderate
CVE-2021-32714
was published
for
hyper
(Rust)
Jul 12, 2021
Integer Overflow in go-jose
High
CVE-2016-9123
was published
for
github.com/square/go-jose
(Go)
Jun 23, 2021
Integer overflow in TFLite memory allocation
High
CVE-2021-29605
was published
for
tensorflow
(pip)
May 21, 2021
Integer overflow in TFLite concatentation
Moderate
CVE-2021-29601
was published
for
tensorflow
(pip)
May 21, 2021
CHECK-fail due to integer overflow
Low
CVE-2021-29584
was published
for
tensorflow
(pip)
May 21, 2021
CHECK-fail in AddManySparseToTensorsMap
Low
CVE-2021-29523
was published
for
tensorflow
(pip)
May 21, 2021
Integer overflow in github.com/gorilla/websocket
High
CVE-2020-27813
was published
for
github.com/gorilla/websocket
(Go)
May 18, 2021
Integer Overflow or Wraparound in NATS Server
High
CVE-2019-13126
was published
for
github.com/nats-io/nats-server/v2
(Go)
May 18, 2021
PyCA Cryptography symmetrically encrypting large values can lead to integer overflow
High
CVE-2020-36242
was published
for
cryptography
(pip)
Feb 10, 2021
Integer Overflow or Wraparound and Use of a Broken or Risky Cryptographic Algorithm in bcrypt
Moderate
CVE-2020-7689
was published
for
bcrypt
(npm)
Aug 20, 2020
Signature Malleabillity in elliptic
High
CVE-2020-13822
was published
for
elliptic
(npm)
Jul 29, 2020
Uncontrolled Resource Consumption in Pillow
High
CVE-2019-19911
was published
for
Pillow
(pip)
Apr 1, 2020
ProTip!
Advisories are also available from the
GraphQL API