GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
68 advisories
Filter by severity
Buffer Overflow in node-weakauras-parser
Moderate
GHSA-86mr-6m89-vgj3
was published
for
node-weakauras-parser
(npm)
Sep 3, 2020
Buffer overflow in deprecated USB HALs and stack overflow in USB enumeration
Low
GHSA-f366-4rvv-95x2
was published
for
cryptoauthlib
(pip)
Oct 2, 2020
Buffer Copy without Checking Size of Input in NumPy
Moderate
CVE-2021-41496
was published
for
numpy
(pip)
Feb 8, 2022
Buffer overflow in Jenkins WMI Windows Agents plugin
Moderate
CVE-2022-30950
was published
for
org.jenkins-ci.plugins:windows-slaves
(Maven)
May 18, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in OpenCV
High
CVE-2017-12601
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
X.509 Email Address Variable Length Buffer Overflow
High
CVE-2022-3786
was published
for
openssl-src
(Rust)
Nov 1, 2022
node-bluetooth is vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation
Critical
CVE-2023-26110
was published
for
node-bluetooth
(npm)
Mar 9, 2023
node-bluetooth-serial-port is vulnerable to Buffer Overflow via the findSerialPortChannel
Critical
CVE-2023-26109
was published
for
node-bluetooth-serial-port
(npm)
Mar 9, 2023
TensorFlow has Heap-buffer-overflow in AvgPoolGrad
High
CVE-2023-25664
was published
for
tensorflow
(pip)
Mar 24, 2023
Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite
High
CVE-2022-41894
was published
for
tensorflow
(pip)
Nov 21, 2022
Out-of-bounds Write in OpenCV
High
CVE-2019-5064
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr
Critical
CVE-2020-35887
was published
for
arr
(Rust)
Aug 25, 2021
Uncontrolled Resource Consumption in LengthPrefixedMessageReader
High
CVE-2021-36155
was published
for
github.com/grpc/grpc-swift
(Swift)
Jun 9, 2023
Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2
Critical
CVE-2021-37404
was published
for
org.apache.hadoop:hadoop-common
(Maven)
Jun 14, 2022
XStream can cause Denial of Service via stack overflow
High
CVE-2022-41966
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Dec 29, 2022
Heap buffer overflow due to incorrect hash function in TensorFlow
Moderate
CVE-2022-29210
was published
for
tensorflow
(pip)
May 24, 2022
Vapor vulnerable to denial of service in URLEncodedFormDecoder
High
CVE-2022-31019
was published
for
github.com/vapor/vapor
(Swift)
Jun 7, 2023
Buffer Overflow in galois_2p8
Critical
CVE-2022-24988
was published
for
galois_2p8
(Rust)
Feb 15, 2022
X.509 Email Address 4-byte Buffer Overflow
Critical
CVE-2022-3602
was published
for
openssl-src
(Rust)
Nov 1, 2022
Pion/DTLS contains buffer for inbound DTLS fragments with no limit
Moderate
CVE-2022-29189
was published
for
github.com/pion/dtls
(Go)
May 24, 2022
hutool Buffer Overflow vulnerability
Critical
CVE-2023-42277
was published
for
cn.hutool:hutool-core
(Maven)
Sep 9, 2023
hutool Buffer Overflow vulnerability
Critical
CVE-2023-42276
was published
for
cn.hutool:hutool-core
(Maven)
Sep 9, 2023
ProTip!
Advisories are also available from the
GraphQL API