Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,482
NuGet
605
pip
3,050
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

8,740 advisories

Nokogiri implementation of libxslt lacks integer overflow checks High
CVE-2017-5029 was published for nokogiri (RubyGems) Jul 31, 2018
High severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua High
CVE-2018-12086 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Oct 16, 2018
UnixAuthenticationService in Apache Ranger was updated to correctly handle user input to avoid Stack-based buffer overflow High
CVE-2018-11778 was published for org.apache.ranger:ranger (Maven) Oct 17, 2018
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0771 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0773 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0769 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0611 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0592 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0609 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
Heap buffer overflow in Tensorflow High
CVE-2020-15195 was published for tensorflow (pip) Sep 25, 2020
Segfault in Tensorflow Moderate
CVE-2020-15200 was published for tensorflow (pip) Sep 25, 2020
Heap buffer overflow in Tensorflow Moderate
CVE-2020-15201 was published for tensorflow (pip) Sep 25, 2020
Data leak in Tensorflow Critical
CVE-2020-15205 was published for tensorflow (pip) Sep 25, 2020
Segfault and data corruption in tensorflow-lite High
CVE-2020-15207 was published for tensorflow (pip) Sep 25, 2020
Data corruption in tensorflow-lite High
CVE-2020-15208 was published for tensorflow (pip) Sep 25, 2020
Out of bounds access in tensorflow-lite Moderate
CVE-2020-15211 was published for tensorflow (pip) Sep 25, 2020
Segmentation fault in tensorflow-lite Moderate
CVE-2020-15210 was published for tensorflow (pip) Sep 25, 2020
Out of bounds write in tensorflow-lite High
CVE-2020-15214 was published for tensorflow (pip) Sep 25, 2020
Out of bounds access in tensorflow-lite High
CVE-2020-15212 was published for tensorflow (pip) Sep 25, 2020
Heap buffer overflow in CefSharp Moderate
CVE-2020-15999 was published for CefSharp.Common (NuGet) Oct 27, 2020
Inappropriate implementation in V8 in CefSharp High
CVE-2020-16013 was published for CefSharp.Common (NuGet) Nov 27, 2020
Inappropriate implementation in V8 High
CVE-2020-16009 was published for CefSharp.Common (NuGet) Dec 2, 2020
PyCA Cryptography symmetrically encrypting large values can lead to integer overflow Critical
CVE-2020-36242 was published for cryptography (pip) Feb 10, 2021
Pillow Out-of-bounds Write High
CVE-2020-35654 was published for Pillow (pip) Mar 18, 2021
sunSUNQ
Out-of-bounds write in libpng High
CVE-2018-14550 was published for libpng (NuGet) Mar 22, 2021
ProTip! Advisories are also available from the GraphQL API