Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,968
Erlang
39
GitHub Actions
38
Go
2,616
Maven
5,000+
npm
4,255
NuGet
760
pip
4,040
Pub
12
RubyGems
953
Rust
1,050
Swift
45
Unreviewed advisories
All unreviewed
5,000+

13 advisories

Loading
orx-pinned-vec has undefined behavior in index_of_ptr with empty slices Low
GHSA-h5j3-crg5-8jqm was published for orx-pinned-vec (Rust) Oct 21, 2025
wrflib has a soundness issue and is unmaintained Low
GHSA-466c-pfvv-v83g was published for wrflib (Rust) Oct 3, 2025
sparklemotion nokogiri hashmap.c hashmap_get_with_hash heap-based overflow Low
CVE-2025-6494 was published for nokogiri (RubyGems) Jun 23, 2025 withdrawn
flavorjones
Credited to flavorjones
sparklemotion nokogiri hashmap.c hashmap_set_with_hash heap-based overflow Low
CVE-2025-6490 was published for nokogiri (RubyGems) Jun 22, 2025 withdrawn
Duplicate Advisory: Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459 Low
GHSA-r3w4-36x6-7r99 was published for nokogiri (RubyGems) May 14, 2024 withdrawn
Vyper's `_abi_decode` vulnerable to Memory Overflow Low
CVE-2024-26149 was published for vyper (pip) Feb 26, 2024
minaminao-osec
Credited to minaminao-osec
Vyper's external calls can overflow return data to return input buffer Low
CVE-2024-24560 was published for vyper (pip) Feb 2, 2024
zobront
Credited to zobront
linux-loader reading beyond EOF could lead to infinite loop Low
CVE-2022-23523 was published for linux-loader (Rust) Dec 12, 2022
likebreath
Credited to likebreath
Heap buffer overflow in `MaxPoolGrad` Low
CVE-2021-29579 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow in `FractionalAvgPoolGrad` Low
CVE-2021-29578 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow in `AvgPool3DGrad` Low
CVE-2021-29577 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow in `MaxPool3DGradGrad` Low
CVE-2021-29576 was published for tensorflow (pip) May 21, 2021
Overflow/denial of service in `tf.raw_ops.ReverseSequence` Low
CVE-2021-29575 was published for tensorflow (pip) May 21, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database