Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

79 advisories

Loading
Out of bounds read in Pillow High
CVE-2021-25291 was published for Pillow (pip) Mar 29, 2021
tdunlap607 sunSUNQ
Pillow Out-of-bounds Read vulnerability High
CVE-2021-25288 was published for Pillow (pip) Jun 8, 2021
Out-of-bounds Read in Pillow High
CVE-2021-25287 was published for Pillow (pip) Jun 8, 2021
Uncontrolled Resource Consumption in pillow High
CVE-2021-23437 was published for pillow (pip) Sep 7, 2021
Out-of-bounds read in Pillow High
CVE-2020-10378 was published for Pillow (pip) Nov 3, 2021
sunSUNQ
Out-of-bounds reads in Pillow High
CVE-2020-10177 was published for Pillow (pip) Jul 27, 2020
sunSUNQ
Out of bounds read in Pillow High
CVE-2021-25293 was published for Pillow (pip) Mar 29, 2021
sunSUNQ
Out-of-bounds reads in Pillow High
CVE-2020-10994 was published for Pillow (pip) Jul 27, 2020
Pillow Out-of-bounds Read High
CVE-2020-35653 was published for pillow (pip) Mar 18, 2021
Out-of-bounds Read in Pillow High
CVE-2020-5313 was published for Pillow (pip) Apr 1, 2020
Out-of-bounds Read in Onionshare High
CVE-2022-21688 was published for onionshare-cli (pip) Jan 21, 2022
Mercurial Out-of-bounds Read vulnerability High
CVE-2018-17983 was published for mercurial (pip) May 14, 2022
typed-ast Out-of-bounds Read High
CVE-2019-19274 was published for typed-ast (pip) Dec 2, 2019
fritzdal
Aubio is vulnerable to out of bound read when samplerate > 50kHz High
CVE-2018-14523 was published for aubio (pip) May 13, 2022
Heap OOB read in TFLite High
CVE-2021-29606 was published for tensorflow (pip) May 21, 2021
node-stringbuilder vulnerable to Out-of-bounds Read High
CVE-2024-21524 was published for node-stringbuilder (npm) Jul 10, 2024
Read buffer overruns processing ASN.1 strings High
CVE-2021-3712 was published for openssl-src (Rust) May 24, 2022
another-rex
Out of bounds read in json-smart High
CVE-2021-31684 was published for net.minidev:json-smart (Maven) Feb 10, 2022
afdesk
Decompressors can crash the JVM and leak memory content in Aircompressor High
CVE-2024-36114 was published for io.airlift:aircompressor (Maven) Jun 2, 2024
ptaoussanis Marcono1234
google.golang.org/protobuf vulnerable to panic leading to denial of service High
CVE-2023-24535 was published for google.golang.org/protobuf (Go) Mar 14, 2023
Denial of Service in jsonparser High
CVE-2020-35381 was published for github.com/buger/jsonparser (Go) May 25, 2022
dotmesh arbitrary file read and/or write High
CVE-2020-26312 was published for github.com/dotmesh-io/dotmesh (Go) May 14, 2024
Withdrawn Advisory: Out-of-bounds Read can lead to client side denial of service High
CVE-2022-34037 was published for github.com/caddyserver/caddy (Go) Jul 23, 2022 withdrawn
Markdown vulnerable to Out-of-bounds Read while parsing citations High
CVE-2023-42821 was published for github.com/gomarkdown/markdown (Go) Sep 22, 2023
NSEcho
hson-java vulnerable to denial of service High
CVE-2023-39685 was published for org.hjson:hjson (Maven) Sep 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database