GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
169 advisories
Filter by severity
Out-of-bounds read in nokogiri
High
CVE-2017-9050
was published
for
nokogiri
(RubyGems)
Dec 13, 2017
Ox gem stack overflow in sax_parse
Moderate
CVE-2017-16229
was published
for
ox
(RubyGems)
Mar 5, 2018
Denial of Service in https-proxy-agent
Critical
CVE-2018-3739
was published
for
https-proxy-agent
(npm)
Jul 27, 2018
Denial of service or RCE from libxml2 and libxslt
High
CVE-2015-8806
was published
for
nokogiri
(RubyGems)
Sep 17, 2018
Improper Input Validation and Buffer Over-read in mqtt-packet
High
CVE-2019-5432
was published
for
mqtt-packet
(npm)
May 14, 2019
Out-of-bounds Read in concat-with-sourcemaps
Moderate
GHSA-2xv3-h762-ccxv
was published
for
concat-with-sourcemaps
(npm)
May 29, 2019
Out-of-bounds Read in base64-url
High
GHSA-j4mr-9xw3-c9jx
was published
for
base64-url
(npm)
May 31, 2019
Out-of-bounds Read in npmconf
Moderate
GHSA-57cf-349j-352g
was published
for
npmconf
(npm)
Jun 12, 2019
Out-of-bounds Read in stringstream
Moderate
CVE-2018-21270
was published
for
stringstream
(npm)
Jun 20, 2019
Out-of-bounds read in TensorFlow possibly causing disclosure of the contents of process memory.
High
CVE-2018-21233
was published
for
tensorflow
(pip)
May 13, 2020
Out-of-bounds Read in base64url
Moderate
GHSA-rvg8-pwq2-xj7q
was published
for
base64url
(npm)
Sep 1, 2020
Heap buffer overflow in Tensorflow
Moderate
CVE-2020-15196
was published
for
tensorflow
(pip)
Sep 25, 2020
Data corruption in tensorflow-lite
High
CVE-2020-15208
was published
for
tensorflow
(pip)
Sep 25, 2020
Out of bounds access in tensorflow-lite
Moderate
CVE-2020-15211
was published
for
tensorflow
(pip)
Sep 25, 2020
Segfault in `tf.quantization.quantize_and_dequantize`
High
CVE-2020-15265
was published
for
tensorflow
(pip)
Nov 13, 2020
ProTip!
Advisories are also available from the
GraphQL API