Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

50 advisories

Loading
SPDK is vulnerable to buffer overflow in the NVMe-oF target component Moderate
CVE-2025-57275 was published for spdk (pip) Oct 1, 2025
Vyper's `_abi_decode` vulnerable to Memory Overflow Low
CVE-2024-26149 was published for vyper (pip) Feb 26, 2024
minaminao-osec
Credited to minaminao-osec
Vyper's external calls can overflow return data to return input buffer Low
CVE-2024-24560 was published for vyper (pip) Feb 2, 2024
zobront
Credited to zobront
Vyper's bounds check on built-in `slice()` function can be overflowed Critical
CVE-2024-24561 was published for vyper (pip) Feb 1, 2024
zobront kuroi8
Credited to zobront and kuroi8
Authenticated Local Privilege Escalation vulnerability in Intel Optimization for Tensorflow Moderate
CVE-2023-27506 was published for intel-tensorflow (pip) Aug 11, 2023
m3t3kh4n
Credited to m3t3kh4n
MindSpore vulnerable to memory corruption Moderate
CVE-2023-2970 was published for mindspore (pip) May 30, 2023
protobuf-cpp and protobuf-python have potential Denial of Service issue High
CVE-2022-1941 was published for protobuf (pip) Sep 23, 2022
kse3hi
Credited to kse3hi
WASM3 Improper Input Validation vulnerability High
CVE-2022-39974 was published for pywasm3 (pip) Sep 21, 2022
WASM3 segmentation fault Moderate
CVE-2022-34529 was published for pywasm3 (pip) Jul 28, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in python-cjson Moderate
CVE-2010-1666 was published for python-cjson (pip) May 17, 2022
Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer High
CVE-2012-3444 was published for Django (pip) May 17, 2022
sunSUNQ
Credited to sunSUNQ
OpenStack Swift allows authenticated users to cause a denial of service Moderate
CVE-2013-4155 was published for swift (pip) May 17, 2022
OpenStack Compute (Nova) vulnerable to denial of service via XML Entity Expansion attack Moderate
CVE-2013-4179 was published for nova (pip) May 17, 2022
SOAPpy vulnerable to XXE attacks Moderate
CVE-2014-3243 was published for SOAPpy (pip) May 17, 2022
Dulwich Buffer Overflow when handling pack files Critical
CVE-2015-0838 was published for dulwich (pip) May 17, 2022
Pillow Buffer overflow in Jpeg2KEncode.c High
CVE-2016-3076 was published for pillow (pip) May 17, 2022
PyFriBidi Buffer overflow in the fribidi_utf8_to_unicode function High
CVE-2012-1176 was published for pyfribidi (pip) May 17, 2022
tlslite remote denial of service vulnerability High
CVE-2015-3220 was published for tlslite (pip) May 14, 2022
Aubio is vulnerable to denial of service via aubio_source_avcodec_readframe function High
CVE-2018-14521 was published for aubio (pip) May 14, 2022
Aubio is vulnerable to denial of service via aubio_pitch_set_unit function High
CVE-2018-14522 was published for aubio (pip) May 14, 2022
OpenStack Keystone Denial of Service vulnerability via a large HTTP request Moderate
CVE-2013-0270 was published for keystone (pip) May 5, 2022
Buffer Overflow in vyper High
CVE-2022-24788 was published for vyper (pip) Apr 20, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in OpenCV Moderate
CVE-2017-17760 was published for opencv-contrib-python (pip) Oct 12, 2021
Improper Restriction of Operations within the Bounds of a Memory Buffer in OpenCV High
CVE-2017-12862 was published for opencv-contrib-python (pip) Oct 12, 2021
Improper Restriction of Operations within the Bounds of a Memory Buffer in OpenCV High
CVE-2017-12601 was published for opencv-contrib-python (pip) Oct 12, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database