Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,081
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

65 advisories

Loading
imagemagick: integer overflows in MNG magnification High
CVE-2025-55154 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 25, 2025
ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow High
CVE-2025-57803 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 26, 2025
mescuwa
Credited to mescuwa
go-f3 module vulnerable to integer overflow leading to panic High
CVE-2025-59942 was published for github.com/filecoin-project/go-f3 (Go) Sep 29, 2025
0xNirix
Credited to 0xNirix
HTTP/2 HPACK integer overflow and buffer allocation High
CVE-2023-36478 was published for org.eclipse.jetty.http2:http2-hpack (Maven) Oct 10, 2023
bismuthsalamander samalws-tob
kaoudis smichaels-tob joakime
Credited to bismuthsalamander, samalws-tob, kaoudis, smichaels-tob, and joakime
Cosmos SDK's Integer Overflow vulnerability in its Validator Rewards pool can cause a chain halt High
GHSA-p22h-3m2v-cmgh was published for github.com/cosmos/cosmos-sdk (Go) Jul 8, 2025
Babylon Integer Overflow in Distribution Module CumulativeRewardRatio Calculation Leading to Chain Halt High
GHSA-869w-47c6-fq8q was published for github.com/babylonlabs-io/babylon (Go) May 15, 2025
Apollo Router Operation Limits Vulnerable to Bypass via Integer Overflow High
CVE-2025-32033 was published for apollo-router (Rust) Apr 7, 2025
Nethermind Juno Potential Denial of Service (DoS) via Integer Overflow High
CVE-2025-29072 was published for github.com/NethermindEth/juno (Go) Mar 27, 2025
pgx SQL Injection via Protocol Message Size Overflow High
CVE-2024-27304 was published for github.com/jackc/pgx (Go) Mar 4, 2024
paul-gerste-sonarsource
Credited to paul-gerste-sonarsource
Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow High
CVE-2024-32655 was published for Npgsql (NuGet) May 9, 2024
paul-gerste-sonarsource NinoFloris
Credited to paul-gerste-sonarsource and NinoFloris
ASA-2024-010: cosmossdk.io/math: Mismatched bit-length validation in sdk.Int and sdk.Dec can lead to panic High
GHSA-7225-m954-23v7 was published for cosmossdk.io/math (Go) Nov 20, 2024
Capstone Integer overflow High
CVE-2017-6952 was published for capstone (pip) May 17, 2022
Vyper vulnerable to integer overflow in loop High
CVE-2023-32058 was published for vyper (pip) May 12, 2023
trocher
Credited to trocher
Integer overflow in Tensorflow High
CVE-2022-23576 was published for tensorflow (pip) Feb 10, 2022
Integer overflow in Tensorflow High
CVE-2022-23575 was published for tensorflow (pip) Feb 10, 2022
Integer overflows in Tensorflow High
CVE-2022-23568 was published for tensorflow (pip) Feb 9, 2022
Integer overflows in Tensorflow High
CVE-2022-23567 was published for tensorflow (pip) Feb 9, 2022
Integer overflow in Tensorflow High
CVE-2022-23562 was published for tensorflow (pip) Feb 9, 2022
Integer overflow in TFLite High
CVE-2022-23559 was published for tensorflow (pip) Feb 9, 2022
Integer overflow in TFLite array creation High
CVE-2022-23558 was published for tensorflow (pip) Feb 9, 2022
Integer overflow leading to crash in Tensorflow High
CVE-2022-21738 was published for tensorflow (pip) Feb 9, 2022
Overflow and uncaught divide by zero in Tensorflow High
CVE-2022-21729 was published for tensorflow (pip) Feb 10, 2022
Integer overflow in Tensorflow High
CVE-2022-21727 was published for tensorflow (pip) Feb 9, 2022
Missing validation during checkpoint loading High
CVE-2021-41203 was published for tensorflow (pip) Nov 10, 2021
Integer overflow in TensorFlow High
CVE-2022-23587 was published for tensorflow (pip) Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database