GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
47 advisories
Filter by severity
Exiv2 has an out-of-bounds read in QuickTimeVideo::NikonTagsDecoder
Moderate
CVE-2024-24826
was published
for
exiv2
(pip)
Oct 17, 2024
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
Moderate
CVE-2024-29857
was published
for
BouncyCastle
(Maven)
May 14, 2024
Heap OOB in TFLite's `Gather*` implementations
Moderate
CVE-2021-37687
was published
for
tensorflow
(pip)
Aug 25, 2021
Out-of-bounds read in TensorFlow possibly causing disclosure of the contents of process memory.
Moderate
CVE-2018-21233
was published
for
tensorflow
(pip)
May 13, 2020
Out of bounds access in tensorflow-lite
Moderate
CVE-2020-15211
was published
for
tensorflow
(pip)
Sep 25, 2020
PyMongo Out-of-bounds Read in the bson module
Moderate
CVE-2024-5629
was published
for
pymongo
(pip)
Jun 5, 2024
PyMongo Out-of-bounds Read in the bson module
Moderate
GHSA-cr6f-gf5w-vhrc
was published
for
pymongo
(pip)
Apr 6, 2024
•
withdrawn
iq80 Snappy out-of-bounds read when uncompressing data, leading to JVM crash
Moderate
CVE-2024-36124
was published
for
org.iq80.snappy:snappy
(Maven)
Jun 4, 2024
Onnx Out-of-bounds Read vulnerability
Moderate
CVE-2024-27319
was published
for
onnx
(pip)
Feb 23, 2024
PaddlePaddle segfault in paddle.mode
Moderate
CVE-2023-38678
was published
for
PaddlePaddle
(pip)
Jan 3, 2024
Ox gem stack overflow in sax_parse
Moderate
CVE-2017-16229
was published
for
ox
(RubyGems)
Mar 5, 2018
Panic during unmarshal of Hello Verify Request in github.com/pion/dtls/v2
Moderate
GHSA-hxp2-xqf3-v83h
was published
for
github.com/pion/dtls
(Go)
Feb 7, 2023
Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime
Moderate
CVE-2021-39218
was published
for
wasmtime
(Rust)
Sep 20, 2021
Out of bounds read in lazy-init
Moderate
CVE-2021-25901
was published
for
lazy-init
(Rust)
Aug 25, 2021
Out-of-bounds Read in base64url
Moderate
GHSA-rvg8-pwq2-xj7q
was published
for
base64url
(npm)
Sep 1, 2020
Versionize::deserialize implementation for FamStructWrapper<T> is lacking bound checks, potentially leading to out of bounds memory accesses
Moderate
CVE-2023-28448
was published
for
versionize
(Rust)
Mar 24, 2023
Wasmtime out of bounds read/write with zero-memory-pages configuration
Moderate
CVE-2022-39392
was published
for
wasmtime
(Rust)
Nov 10, 2022
Out-of-bounds Read in iText
Moderate
CVE-2022-24198
was published
for
com.itextpdf:itext7-core
(Maven)
Feb 2, 2022
partial_sort contains Out-of-bounds Read in release mode
Moderate
GHSA-5x36-7567-3cw6
was published
for
partial_sort
(Rust)
Feb 28, 2023
ProTip!
Advisories are also available from the
GraphQL API