Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

35 advisories

Loading
Integer overflow in TFLite concatentation Moderate
CVE-2021-29601 was published for tensorflow (pip) May 21, 2021
Integer overflow in BCrypt class in Spring Security Moderate
CVE-2022-22976 was published for org.springframework.security:spring-security-core (Maven) May 20, 2022
SunBK201
BoringSSLAEADContext in Netty Repeats Nonces Moderate
CVE-2024-36121 was published for io.netty.incubator:netty-incubator-codec-ohttp (Maven) Jun 5, 2024
SalusaSecondus
libdav1d-sys affected by dav1d AV1 decoder integer overflow Moderate
GHSA-mc39-h54g-pvw6 was published for libdav1d-sys (Rust) Apr 5, 2024
Overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration in RunC Moderate
CVE-2021-43784 was published for github.com/opencontainers/runc (Go) Dec 7, 2021
felixwilhelm
Integer Overflow or Wraparound in Apache Tomcat Moderate
CVE-2014-0075 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Vapor contains an integer overflow in URI leading to potential host spoofing Moderate
CVE-2024-21631 was published for github.com/vapor/vapor (Swift) Jan 3, 2024
0xTim gwynne
baarde
.eth registrar controller can shorten the duration of registered names Moderate
CVE-2023-38698 was published for @ensdomains/ens-contracts (npm) Aug 1, 2023
Buffer under-read in workerd Moderate
CVE-2023-2512 was published for workerd (npm) May 12, 2023
ubercomp
snappy-java's Integer Overflow vulnerability in shuffle leads to DoS Moderate
CVE-2023-34453 was published for org.xerial.snappy:snappy-java (Maven) Jun 15, 2023
srmish-jfrog
snappy-java's Integer Overflow vulnerability in compress leads to DoS Moderate
CVE-2023-34454 was published for org.xerial.snappy:snappy-java (Maven) Jun 15, 2023
srmish-jfrog
Pillow Integer overflow in Map.c Moderate
CVE-2016-9189 was published for Pillow (pip) Jul 24, 2018
Integer overflow in pywin32 Moderate
CVE-2021-32559 was published for pywin32 (pip) Aug 9, 2021
Buffer Overflow in yajl-ruby Moderate
CVE-2022-24795 was published for yajl-ruby (RubyGems) Apr 5, 2022
jhawthorn
Integer Overflow in openssl-src Moderate
CVE-2021-23841 was published for openssl-src (Rust) Aug 25, 2021
another-rex
TensorFlow vulnerable to segfault when opening multiframe gif Moderate
CVE-2023-25667 was published for tensorflow (pip) Mar 24, 2023
Integer Overflow in Chunked Transfer-Encoding Moderate
CVE-2021-32714 was published for hyper (Rust) Jul 12, 2021
mattiasgrenfeldt asta12
Integer overflow in Tensorflow Moderate
CVE-2022-23576 was published for tensorflow (pip) Feb 10, 2022
Overflow and uncaught divide by zero in Tensorflow Moderate
CVE-2022-21729 was published for tensorflow (pip) Feb 10, 2022
Memory exhaustion in Tensorflow Moderate
CVE-2022-21733 was published for tensorflow (pip) Feb 10, 2022
Integer overflows in Tensorflow Moderate
CVE-2022-23567 was published for tensorflow (pip) Feb 9, 2022
Integer overflow in Tensorflow Moderate
CVE-2022-23575 was published for tensorflow (pip) Feb 10, 2022
Integer overflows in Tensorflow Moderate
CVE-2022-23568 was published for tensorflow (pip) Feb 9, 2022
Integer overflow leading to crash in Tensorflow Moderate
CVE-2022-21738 was published for tensorflow (pip) Feb 9, 2022
Crash in `tf.math.segment_*` operations Moderate
CVE-2021-41195 was published for tensorflow (pip) Nov 10, 2021
ProTip! Advisories are also available from the GraphQL API