Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

101 advisories

Loading
Pillow Integer overflow in Map.c Moderate
CVE-2016-9189 was published for pillow (pip) Jul 24, 2018
PyCryptodome integer overflow vulnerability High
CVE-2018-15560 was published for pycryptodome (pip) Aug 27, 2018
Critical severity vulnerability that affects org.eclipse.jetty:jetty-server Critical
CVE-2017-7657 was published for org.eclipse.jetty:jetty-server (Maven) Oct 19, 2018
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0639 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
Integer Overflow or Wraparound in Google TensorFlow Critical
CVE-2018-7575 was published for tensorflow (pip) Apr 30, 2019
Uncontrolled Resource Consumption in Pillow High
CVE-2019-19911 was published for pillow (pip) Apr 1, 2020
Signature Malleabillity in elliptic High
CVE-2020-13822 was published for elliptic (npm) Jul 29, 2020
Integer Overflow or Wraparound and Use of a Broken or Risky Cryptographic Algorithm in bcrypt Moderate
CVE-2020-7689 was published for bcrypt (npm) Aug 20, 2020
PyCA Cryptography symmetrically encrypting large values can lead to integer overflow High
CVE-2020-36242 was published for cryptography (pip) Feb 10, 2021
Integer Overflow or Wraparound in NATS Server High
CVE-2019-13126 was published for github.com/nats-io/nats-server/v2 (Go) May 18, 2021
Integer overflow in github.com/gorilla/websocket High
CVE-2020-27813 was published for github.com/gorilla/websocket (Go) May 18, 2021
CHECK-fail in AddManySparseToTensorsMap Low
CVE-2021-29523 was published for tensorflow (pip) May 21, 2021
CHECK-fail due to integer overflow Low
CVE-2021-29584 was published for tensorflow (pip) May 21, 2021
Integer overflow in TFLite concatentation Moderate
CVE-2021-29601 was published for tensorflow (pip) May 21, 2021
Integer overflow in TFLite memory allocation High
CVE-2021-29605 was published for tensorflow (pip) May 21, 2021
Integer Overflow in go-jose High
CVE-2016-9123 was published for github.com/square/go-jose (Go) Jun 23, 2021
Integer Overflow in Chunked Transfer-Encoding Moderate
CVE-2021-32714 was published for hyper (Rust) Jul 12, 2021
mattiasgrenfeldt asta12
Integer overflow in pywin32 High
CVE-2021-32559 was published for pywin32 (pip) Aug 9, 2021
Counter overflow in chacha20 High
CVE-2019-25005 was published for chacha20 (Rust) Aug 25, 2021
Integer Overflow in openssl-src High
CVE-2021-23840 was published for openssl-src (Rust) Aug 25, 2021
another-rex
Integer Overflow in openssl-src Moderate
CVE-2021-23841 was published for openssl-src (Rust) Aug 25, 2021
another-rex
Overflow in prost-types High
CVE-2021-38192 was published for prost-types (Rust) Aug 25, 2021
tdunlap607
Overflow in libsecp256k1 Critical
CVE-2021-38195 was published for libsecp256k1 (Rust) Aug 25, 2021
Integer Overflow/Infinite Loop in the http crate High
CVE-2020-25574 was published for http (Rust) Aug 25, 2021
Integer Overflow or Wraparound in OpenCV High
CVE-2017-12863 was published for opencv-contrib-python (pip) Oct 12, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database