Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

85 advisories

concat built-in can corrupt memory in vyper High
CVE-2024-22419 was published for vyper (pip) Jan 19, 2024
cyberthirst kuroi8
PaddlePaddle stack overflow in paddle.linalg.lu_unpack High
CVE-2023-52307 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle heap buffer overflow in paddle.repeat_interleave High
CVE-2023-52309 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle stack overflow in paddle.searchsorted High
CVE-2023-52304 was published for PaddlePaddle (pip) Jan 3, 2024
Werkzeug DoS: High resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning Moderate
CVE-2023-46136 was published for werkzeug (pip) Oct 25, 2023
psrok1 davidism
Vyper vulnerable to memory corruption in certain builtins utilizing `msize` High
CVE-2023-42443 was published for vyper (pip) Sep 20, 2023
trocher
libwebp: OOB write in BuildHuffmanTable High
CVE-2023-4863 was published for Pillow (Go) Sep 12, 2023
delroth Nachtalb
pshelton-skype
Heap-based buffer overflow in ZBar Critical
CVE-2023-40889 was published for zbar (pip) Aug 29, 2023
Heap buffer overflow in PaddlePaddle High
CVE-2023-38671 was published for paddlepaddle (pip) Jul 26, 2023
Vyper vulnerable to OOB DynArray access when array is on both LHS and RHS of an assignment High
CVE-2023-31146 was published for vyper (pip) May 12, 2023
trocher
TensorFlow has segmentation fault in tfg-translate High
CVE-2023-25671 was published for tensorflow (pip) Mar 24, 2023
Out of bounds write in grappler in Tensorflow High
CVE-2022-41902 was published for tensorflow (pip) Nov 21, 2022
w0j73k
FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess High
CVE-2022-41900 was published for tensorflow (pip) Nov 21, 2022
TensorFlow vulnerable to OOB write in `scatter_nd` in TF Lite High
CVE-2022-35939 was published for tensorflow (pip) Sep 16, 2022
LIEF vulnerable to heap based buffer overflow via print_binary function High
CVE-2022-38495 was published for lief (pip) Sep 14, 2022
LIEF vulnerable to heap based buffer overflow Moderate
CVE-2022-38306 was published for lief (pip) Sep 14, 2022
Heap buffer overflow due to incorrect hash function in TensorFlow Moderate
CVE-2022-29210 was published for tensorflow (pip) May 24, 2022
Segfault and OOB write due to incomplete validation in `EditDistance` in TensorFlow High
CVE-2022-29208 was published for tensorflow (pip) May 24, 2022
py-lmdb Invalid write operation Critical
CVE-2019-16227 was published for lmdb (pip) May 24, 2022
LIEF heap-buffer-overflow High
CVE-2021-32297 was published for lief (pip) May 24, 2022
bsdiff4 out-of-bounds write via patch file High
CVE-2020-15904 was published for bsdiff4 (pip) May 24, 2022
LMDB invalid write High
CVE-2019-16226 was published for lmdb (pip) May 24, 2022
py-lmdb Invalid write operation Critical
CVE-2019-16224 was published for lmdb (pip) May 24, 2022
py-lmdb Invalid write operation Critical
CVE-2019-16225 was published for lmdb (pip) May 24, 2022
Buffer overflow in wasm3 High
CVE-2022-28990 was published for pywasm3 (pip) May 21, 2022
ProTip! Advisories are also available from the GraphQL API