GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
58 advisories
Filter by severity
ASA-2024-010: cosmossdk.io/math: Mismatched bit-length validation in sdk.Int and sdk.Dec can lead to panic
High
GHSA-7225-m954-23v7
was published
for
cosmossdk.io/math
(Go)
Nov 20, 2024
TensorFlow has segfault in array_ops.upper_bound
High
CVE-2023-33976
was published
for
tensorflow
(pip)
Jul 30, 2024
Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow
High
CVE-2024-32655
was published
for
Npgsql
(NuGet)
May 9, 2024
pgproto3 SQL Injection via Protocol Message Size Overflow
High
GHSA-7jwh-3vrq-q3m8
was published
for
github.com/jackc/pgproto3
(Go)
Mar 4, 2024
pgx SQL Injection via Protocol Message Size Overflow
High
CVE-2024-27304
was published
for
github.com/jackc/pgx
(Go)
Mar 4, 2024
Integer overflow in chunking helper causes dispatching to miss elements or panic
High
CVE-2024-27101
was published
for
github.com/authzed/spicedb
(Go)
Mar 1, 2024
Duplicate Advisory: Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption
High
GHSA-c2v4-chx5-vff6
was published
for
commonmarker
(RubyGems)
Jan 4, 2024
•
withdrawn
HTTP/2 HPACK integer overflow and buffer allocation
High
CVE-2023-36478
was published
for
org.eclipse.jetty.http2:http2-hpack
(Maven)
Oct 10, 2023
Vapor vulnerable to denial of service in HTTP Range Request of FileMiddleware
High
CVE-2022-31005
was published
for
github.com/vapor/vapor
(Swift)
Jun 7, 2023
swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding
High
CVE-2022-24667
was published
for
github.com/apple/swift-nio-http2
(Swift)
May 18, 2023
Vyper vulnerable to integer overflow in loop
High
CVE-2023-32058
was published
for
vyper
(pip)
May 12, 2023
TensorFlow vulnerable to integer overflow in EditDistance
High
CVE-2023-25662
was published
for
tensorflow
(pip)
Mar 24, 2023
bzip2 allows attackers to cause a denial of service via a large file that triggers an integer overflow
High
CVE-2023-22895
was published
for
bzip2
(Rust)
Jan 10, 2023
Mapbox is vulnerable to Integer Overflow
High
CVE-2022-38216
was published
for
com.mapbox.mapboxsdk:mapbox-android-core
(Maven)
Aug 17, 2022
Apache Avro Rust SDK corrupted data read can cause crash
High
CVE-2022-36125
was published
for
apache-avro
(Rust)
Aug 10, 2022
Duplicate Advisory: Integer Overflow in HeaderMap::reserve() can cause Denial of Service
High
CVE-2019-25008
was published
for
http
(Rust)
Jun 16, 2022
•
withdrawn
AttesterSlashing number overflow
High
CVE-2022-29219
was published
for
@chainsafe/lodestar
(npm)
May 24, 2022
Integer overflow in solana_rbpf
High
CVE-2022-31264
was published
for
solana_rbpf
(Rust)
May 22, 2022
Integer Overflow or Wraparound in libxml2 affects Nokogiri
High
GHSA-cgx6-hpwq-fhv5
was published
for
nokogiri
(RubyGems)
May 18, 2022
Integer Overflow or Wraparound in Microweber
High
CVE-2022-1036
was published
for
microweber/microweber
(Composer)
Mar 23, 2022
Denial of service in microweber
High
CVE-2022-0961
was published
for
microweber/microweber
(Composer)
Mar 16, 2022
Integer Overflow in microweber
High
CVE-2022-0968
was published
for
microweber/microweber
(Composer)
Mar 16, 2022
Integer Overflow or Wraparound in Microweber
High
CVE-2022-0913
was published
for
microweber/microweber
(Composer)
Mar 12, 2022
ProTip!
Advisories are also available from the
GraphQL API