GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
276 advisories
Filter by severity
Heap-based Buffer Overflow in sqlite-vec
High
CVE-2024-46488
was published
for
sqlite-vec
(RubyGems)
Sep 25, 2024
opencv-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863
High
GHSA-qr4w-53vh-m672
was published
for
opencv-python
(pip)
Aug 30, 2024
opencv-contrib-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863
High
GHSA-cxjf-x6jp-p7mc
was published
for
opencv-contrib-python
(pip)
Aug 30, 2024
opencv-python-headless bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863
High
GHSA-jh2j-j4j9-crg3
was published
for
opencv-python-headless
(pip)
Aug 30, 2024
opencv-contrib-python-headless bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863
High
GHSA-w2pj-9cgh-mq2c
was published
for
opencv-contrib-python-headless
(pip)
Aug 30, 2024
SixLabors ImageSharp Out-of-bounds Write
High
CVE-2024-41131
was published
for
SixLabors.ImageSharp
(NuGet)
Jul 22, 2024
Decompressors can crash the JVM and leak memory content in Aircompressor
High
CVE-2024-36114
was published
for
io.airlift:aircompressor
(Maven)
Jun 2, 2024
Buffer Overflow in gitea
High
CVE-2021-3382
was published
for
github.com/go-gitea/gitea
(Go)
Apr 24, 2024
Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded Environment
High
CVE-2024-21661
was published
for
github.com/argoproj/argo-cd
(Go)
Mar 18, 2024
concat built-in can corrupt memory in vyper
High
CVE-2024-22419
was published
for
vyper
(pip)
Jan 19, 2024
PaddlePaddle stack overflow in paddle.searchsorted
High
CVE-2023-52304
was published
for
PaddlePaddle
(pip)
Jan 3, 2024
PaddlePaddle heap buffer overflow in paddle.repeat_interleave
High
CVE-2023-52309
was published
for
PaddlePaddle
(pip)
Jan 3, 2024
PaddlePaddle stack overflow in paddle.linalg.lu_unpack
High
CVE-2023-52307
was published
for
PaddlePaddle
(pip)
Jan 3, 2024
hutool-core was discovered to contain a stack overflow via NumberUtil.toBigDecimal method
High
CVE-2023-51080
was published
for
cn.hutool:hutool-core
(Maven)
Dec 27, 2023
DOS by abusing `fetchOptions.retry`.
High
CVE-2023-49800
was published
for
nuxt-api-party
(npm)
Dec 11, 2023
Electron affected by libvpx's heap buffer overflow in vp8 encoding
High
CVE-2023-5217
was published
for
electron
(npm)
Sep 28, 2023
Vyper vulnerable to memory corruption in certain builtins utilizing `msize`
High
CVE-2023-42443
was published
for
vyper
(pip)
Sep 20, 2023
libwebp: OOB write in BuildHuffmanTable
High
CVE-2023-4863
was published
for
Pillow
(Go)
Sep 12, 2023
etcd denial of service vulnerability
High
CVE-2022-34038
was published
for
go.etcd.io/etcd/v3
(Go)
Aug 22, 2023
•
withdrawn
Denial of service in jackson-dataformats-text
High
CVE-2023-3894
was published
for
com.fasterxml.jackson.dataformat:jackson-dataformats-text
(Maven)
Aug 8, 2023
Heap buffer overflow in PaddlePaddle
High
CVE-2023-38671
was published
for
paddlepaddle
(pip)
Jul 26, 2023
jjson vulnerable to stack exhaustion
High
CVE-2023-35110
was published
for
de.grobmeier.json:jjson
(Maven)
Jun 14, 2023
ph-json vulnerable to stack exhaustion
High
CVE-2023-34612
was published
for
com.helger.commons:ph-json
(Maven)
Jun 14, 2023
sojo vulnerable to stack exhaustion
High
CVE-2023-34613
was published
for
net.sf.sojo:sojo
(Maven)
Jun 14, 2023
json-io vulnerable to stack exhaustion
High
CVE-2023-34610
was published
for
com.cedarsoftware:json-io
(Maven)
Jun 14, 2023
ProTip!
Advisories are also available from the
GraphQL API