GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
103 advisories
Filter by severity
lz4-sys vulnerable to memory corruption via issue in liblz4
Critical
GHSA-9q5j-jm53-v7vr
was published
for
lz4-sys
(Rust)
Sep 1, 2022
High severity vulnerability that affects Microsoft.ChakraCore
High
CVE-2019-0639
was published
for
Microsoft.ChakraCore
(NuGet)
Apr 9, 2019
Integer Overflow or Wraparound in TensorFlow
Moderate
GHSA-wcv5-vrvr-3rx2
was published
for
tensorflow
(pip)
Feb 9, 2022
Integer Overflow or Wraparound in libxml2 affects Nokogiri
High
GHSA-cgx6-hpwq-fhv5
was published
for
nokogiri
(RubyGems)
May 18, 2022
`CHECK` failure in depthwise ops via overflows
Moderate
GHSA-mw6j-hh29-h379
was published
for
tensorflow
(pip)
May 25, 2022
Integer overflow in publify_core
Critical
CVE-2022-1812
was published
for
publify_core
(RubyGems)
Jan 14, 2023
Integer Overflow or Wraparound in Microweber
High
CVE-2022-0913
was published
for
microweber/microweber
(Composer)
Mar 12, 2022
Integer Overflow in microweber
High
CVE-2022-0968
was published
for
microweber/microweber
(Composer)
Mar 16, 2022
Denial of service in microweber
High
CVE-2022-0961
was published
for
microweber/microweber
(Composer)
Mar 16, 2022
Integer Overflow or Wraparound in Microweber
High
CVE-2022-1036
was published
for
microweber/microweber
(Composer)
Mar 23, 2022
AttesterSlashing number overflow
High
CVE-2022-29219
was published
for
@chainsafe/lodestar
(npm)
May 24, 2022
Integer overflow in `SpaceToBatchND`
Moderate
CVE-2022-29203
was published
for
tensorflow
(pip)
May 24, 2022
Integer Overflow or Wraparound in JBCrypt
Moderate
CVE-2015-0886
was published
for
org.mindrot:jbcrypt
(Maven)
May 13, 2022
Integer overflow in solana_rbpf
High
CVE-2022-31264
was published
for
solana_rbpf
(Rust)
May 22, 2022
TensorFlow vulnerable to integer overflow in math ops
Low
CVE-2022-36015
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to Int overflow in `RaggedRangeOp`
Moderate
CVE-2022-35940
was published
for
tensorflow
(pip)
Sep 16, 2022
Apache Avro Rust SDK corrupted data read can cause crash
High
CVE-2022-36125
was published
for
apache-avro
(Rust)
Aug 10, 2022
Critical severity vulnerability that affects org.eclipse.jetty:jetty-server
Critical
CVE-2017-7657
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Oct 19, 2018
Integer Overflow or Wraparound and Use of a Broken or Risky Cryptographic Algorithm in bcrypt
Moderate
CVE-2020-7689
was published
for
bcrypt
(npm)
Aug 20, 2020
Integer Overflow or Wraparound in OpenCV
High
CVE-2017-12863
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Integer Overflow or Wraparound in OpenCV.
High
CVE-2017-1000450
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Integer Overflow or Wraparound in OpenCV
High
CVE-2017-12864
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
ProTip!
Advisories are also available from the
GraphQL API