GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

72 advisories

binary_vec_io access memory out-of-bounds in binary_read_to_ref and binary_write_from_ref High
GHSA-wwxp-hxh6-8gf8 was published for binary_vec_io (Rust) Oct 22, 2025
NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow Critical
CVE-2025-54469 was published for github.com/neuvector/neuvector (Go) Oct 21, 2025
SPDK is vulnerable to buffer overflow in the NVMe-oF target component Moderate
CVE-2025-57275 was published for spdk (pip) Oct 1, 2025
bigint-buffer Vulnerable to Buffer Overflow via toBigIntLE() Function High
CVE-2025-3194 was published for bigint-buffer (npm) Apr 4, 2025
Django vulnerable to denial-of-service attack via the urlize() and urlizetrunc() template filters Moderate
CVE-2024-45230 was published for Django (pip) Oct 8, 2024
zerovec-derive incorrectly uses `#[repr(packed)]` Moderate
GHSA-74r5-g7vc-j2v2 was published for zerovec-derive (Rust) Jul 8, 2024
Credited to hikiko4ern
zerovec incorrectly uses `#[repr(packed)]` Moderate
GHSA-xrv3-jmcp-374j was published for zerovec (Rust) Jul 8, 2024
Rhai stack overflow vulnerability High
CVE-2024-36760 was published for rhai (Rust) Jun 13, 2024
rockhopper Buffer Overflow vulnerability Moderate
CVE-2022-4969 was published for rockhopper (pip) May 28, 2024
Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459 Low
GHSA-r95h-9x8f-r3f7 was published for nokogiri (RubyGems) May 13, 2024
Credited to CommanderStorm, postmodern, and colbybr
PyPXE Buffer Overflow vulnerability High
CVE-2023-46960 was published for PyPXE (pip) Apr 29, 2024
Buffer Overflow vulnerability in osrg gobgp High
CVE-2023-46565 was published for github.com/osrg/gobgp/v3 (Go) Apr 29, 2024
transpose: Buffer overflow due to integer overflow Moderate
CVE-2023-53156 was published for transpose (Rust) Apr 5, 2024
Pillow buffer overflow vulnerability High
CVE-2024-28219 was published for pillow (pip) Apr 3, 2024
StringIO buffer overread vulnerability Critical
CVE-2024-27280 was published for stringio (RubyGems) Mar 25, 2024
Vyper's `_abi_decode` vulnerable to Memory Overflow Low
CVE-2024-26149 was published for vyper (pip) Feb 26, 2024
Credited to minaminao-osec
Potential buffer overflow in CBOR2 decoder High
CVE-2024-26134 was published for cbor2 (pip) Feb 21, 2024
Credited to miri64
concat built-in can corrupt memory in vyper High
CVE-2024-22419 was published for vyper (pip) Jan 19, 2024
Credited to cyberthirst and kuroi8
PaddlePaddle stack overflow in paddle.linalg.lu_unpack High
CVE-2023-52307 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle heap buffer overflow in paddle.repeat_interleave High
CVE-2023-52309 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle stack overflow in paddle.searchsorted High
CVE-2023-52304 was published for PaddlePaddle (pip) Jan 3, 2024
memory overflow vulnerability in OpenEXR-viewer Critical
CVE-2023-50245 was published for afichet/openexr-viewer (GitHub Actions) Dec 12, 2023
Credited to GAP-dev
free5gc Buffer Overflow vulnerability High
CVE-2023-47345 was published for github.com/free5gc/free5gc (Go) Nov 16, 2023
hutool Buffer Overflow vulnerability High
CVE-2023-42278 was published for cn.hutool:hutool-core (Maven) Sep 9, 2023
Credited to mattberry3
hutool Buffer Overflow vulnerability Critical
CVE-2023-42276 was published for cn.hutool:hutool-core (Maven) Sep 9, 2023
ProTip! Advisories are also available from the GraphQL API