Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

51 advisories

Loading
PyCA Cryptography symmetrically encrypting large values can lead to integer overflow High
CVE-2020-36242 was published for cryptography (pip) Feb 10, 2021
bsdiff4 out-of-bounds write via patch file High
CVE-2020-15904 was published for bsdiff4 (pip) May 24, 2022
opencv-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863 High
GHSA-qr4w-53vh-m672 was published for opencv-python (pip) Aug 30, 2024
opencv-python-headless bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863 High
GHSA-jh2j-j4j9-crg3 was published for opencv-python-headless (pip) Aug 30, 2024
opencv-contrib-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863 High
GHSA-cxjf-x6jp-p7mc was published for opencv-contrib-python (pip) Aug 30, 2024
opencv-contrib-python-headless bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863 High
GHSA-w2pj-9cgh-mq2c was published for opencv-contrib-python-headless (pip) Aug 30, 2024
Out of bounds access in tensorflow-lite High
CVE-2020-15212 was published for tensorflow (pip) Sep 25, 2020
Out of bounds write in tensorflow-lite High
CVE-2020-15214 was published for tensorflow (pip) Sep 25, 2020
Pillow Out-of-bounds Write High
CVE-2020-35654 was published for Pillow (pip) Mar 18, 2021
sunSUNQ
Out-of-bounds Write in Pillow High
CVE-2021-25290 was published for Pillow (pip) Mar 29, 2021
sunSUNQ
Out of bounds write in Pillow High
CVE-2021-25289 was published for Pillow (pip) Mar 29, 2021
sunSUNQ
LIEF heap-buffer-overflow High
CVE-2021-32297 was published for lief (pip) May 24, 2022
concat built-in can corrupt memory in vyper High
CVE-2024-22419 was published for vyper (pip) Jan 19, 2024
cyberthirst kuroi8
libwebp: OOB write in BuildHuffmanTable High
CVE-2023-4863 was published for Pillow (Go) Sep 12, 2023
delroth Nachtalb
pshelton-skype
PaddlePaddle heap buffer overflow in paddle.repeat_interleave High
CVE-2023-52309 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle stack overflow in paddle.linalg.lu_unpack High
CVE-2023-52307 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle stack overflow in paddle.searchsorted High
CVE-2023-52304 was published for PaddlePaddle (pip) Jan 3, 2024
Vyper vulnerable to OOB DynArray access when array is on both LHS and RHS of an assignment High
CVE-2023-31146 was published for vyper (pip) May 12, 2023
trocher
Heap buffer overflow in PaddlePaddle High
CVE-2023-38671 was published for paddlepaddle (pip) Jul 26, 2023
Vyper vulnerable to memory corruption in certain builtins utilizing `msize` High
CVE-2023-42443 was published for vyper (pip) Sep 20, 2023
trocher
Out of bounds write in grappler in Tensorflow High
CVE-2022-41902 was published for tensorflow (pip) Nov 21, 2022
w0j73k
LMDB invalid write High
CVE-2019-16226 was published for lmdb (pip) May 24, 2022
Out-of-bounds Write in OpenCV High
CVE-2019-5064 was published for opencv-contrib-python (pip) Oct 12, 2021
harlekeyn
TensorFlow has segmentation fault in tfg-translate High
CVE-2023-25671 was published for tensorflow (pip) Mar 24, 2023
Out of bounds write in TFLite High
CVE-2022-23561 was published for tensorflow (pip) Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API