GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
101 advisories
TensorFlow has segfault in array_ops.upper_bound
High
CVE-2023-33976
was published
for
tensorflow
(pip)
Jul 30, 2024
Fiona affected by CVE-2023-45853 related to MiniZip madler-zlib
Critical
GHSA-q5fm-55c2-v6j9
was published
for
fiona
(pip)
Jul 16, 2024
BoringSSLAEADContext in Netty Repeats Nonces
Moderate
CVE-2024-36121
was published
for
io.netty.incubator:netty-incubator-codec-ohttp
(Maven)
Jun 5, 2024
Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow
High
CVE-2024-32655
was published
for
Npgsql
(NuGet)
May 9, 2024
pgproto3 SQL Injection via Protocol Message Size Overflow
High
GHSA-7jwh-3vrq-q3m8
was published
for
github.com/jackc/pgproto3
(Go)
Mar 4, 2024
pgx SQL Injection via Protocol Message Size Overflow
High
CVE-2024-27304
was published
for
github.com/jackc/pgx
(Go)
Mar 4, 2024
Vapor contains an integer overflow in URI leading to potential host spoofing
Moderate
CVE-2024-21631
was published
for
github.com/vapor/vapor
(Swift)
Jan 3, 2024
HTTP/2 HPACK integer overflow and buffer allocation
High
CVE-2023-36478
was published
for
org.eclipse.jetty.http2:http2-hpack
(Maven)
Oct 10, 2023
snappy-java's Integer Overflow vulnerability in compress leads to DoS
Moderate
CVE-2023-34454
was published
for
org.xerial.snappy:snappy-java
(Maven)
Jun 15, 2023
snappy-java's Integer Overflow vulnerability in shuffle leads to DoS
Moderate
CVE-2023-34453
was published
for
org.xerial.snappy:snappy-java
(Maven)
Jun 15, 2023
Vapor vulnerable to denial of service in HTTP Range Request of FileMiddleware
High
CVE-2022-31005
was published
for
github.com/vapor/vapor
(Swift)
Jun 7, 2023
Vyper vulnerable to integer overflow in loop
High
CVE-2023-32058
was published
for
vyper
(pip)
May 12, 2023
ProTip!
Advisories are also available from the
GraphQL API