Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

278 advisories

Loading
opencv-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863 High
GHSA-qr4w-53vh-m672 was published for opencv-python (pip) Aug 30, 2024
opencv-contrib-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863 High
GHSA-cxjf-x6jp-p7mc was published for opencv-contrib-python (pip) Aug 30, 2024
opencv-python-headless bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863 High
GHSA-jh2j-j4j9-crg3 was published for opencv-python-headless (pip) Aug 30, 2024
opencv-contrib-python-headless bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863 High
GHSA-w2pj-9cgh-mq2c was published for opencv-contrib-python-headless (pip) Aug 30, 2024
SixLabors ImageSharp Out-of-bounds Write High
CVE-2024-41131 was published for SixLabors.ImageSharp (NuGet) Jul 22, 2024
Erik-White
Eclipse Parsson stack overflow when parsing deeply nested input High
CVE-2023-7272 was published for org.eclipse.parsson:parsson (Maven) Jul 17, 2024
Decompressors can crash the JVM and leak memory content in Aircompressor High
CVE-2024-36114 was published for io.airlift:aircompressor (Maven) Jun 2, 2024
ptaoussanis Marcono1234
Buffer Overflow in gitea High
CVE-2021-3382 was published for github.com/go-gitea/gitea (Go) Apr 24, 2024
Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded Environment High
CVE-2024-21661 was published for github.com/argoproj/argo-cd (Go) Mar 18, 2024
nadava669 todaywasawesome
crenshaw-dev jannfis pasha-codefresh
concat built-in can corrupt memory in vyper High
CVE-2024-22419 was published for vyper (pip) Jan 19, 2024
cyberthirst kuroi8
PaddlePaddle stack overflow in paddle.linalg.lu_unpack High
CVE-2023-52307 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle stack overflow in paddle.searchsorted High
CVE-2023-52304 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle heap buffer overflow in paddle.repeat_interleave High
CVE-2023-52309 was published for PaddlePaddle (pip) Jan 3, 2024
hutool-core was discovered to contain a stack overflow via NumberUtil.toBigDecimal method High
CVE-2023-51080 was published for cn.hutool:hutool-core (Maven) Dec 27, 2023
henrikplate
DOS by abusing `fetchOptions.retry`. High
CVE-2023-49800 was published for nuxt-api-party (npm) Dec 11, 2023
OhB00
Electron affected by libvpx's heap buffer overflow in vp8 encoding High
CVE-2023-5217 was published for electron (npm) Sep 28, 2023
janparisek Tech-TTGames
Vyper vulnerable to memory corruption in certain builtins utilizing `msize` High
CVE-2023-42443 was published for vyper (pip) Sep 20, 2023
trocher
libwebp: OOB write in BuildHuffmanTable High
CVE-2023-4863 was published for Pillow (Go) Sep 12, 2023
delroth Nachtalb
pshelton-skype
etcd denial of service vulnerability High
CVE-2022-34038 was published for go.etcd.io/etcd/v3 (Go) Aug 22, 2023 withdrawn
reedloden
Denial of service in jackson-dataformats-text High
CVE-2023-3894 was published for com.fasterxml.jackson.dataformat:jackson-dataformats-text (Maven) Aug 8, 2023
Mochis
Heap buffer overflow in PaddlePaddle High
CVE-2023-38671 was published for paddlepaddle (pip) Jul 26, 2023
jjson vulnerable to stack exhaustion High
CVE-2023-35110 was published for de.grobmeier.json:jjson (Maven) Jun 14, 2023
htmlcleaner vulnerable to stack exhaustion High
CVE-2023-34624 was published for net.sourceforge.htmlcleaner:htmlcleaner (Maven) Jun 14, 2023
onmyquest
genson vulnerable to stack exhaustion High
CVE-2023-34617 was published for com.owlike:genson (Maven) Jun 14, 2023
ph-json vulnerable to stack exhaustion High
CVE-2023-34612 was published for com.helger.commons:ph-json (Maven) Jun 14, 2023
ProTip! Advisories are also available from the GraphQL API