GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
278 advisories
Filter by severity
json-io vulnerable to stack exhaustion
High
CVE-2023-34610
was published
for
com.cedarsoftware:json-io
(Maven)
Jun 14, 2023
hjson stack exhaustion vulnerability
High
CVE-2023-34620
was published
for
org.hjson:hjson
(Maven)
Jun 14, 2023
pbjson vulnerable to stack exhaustion
High
CVE-2023-34616
was published
for
com.progsbase.libraries:JSON
(Maven)
Jun 14, 2023
jsonij vulnerable to stack exhaustion
High
CVE-2023-34614
was published
for
cc.plural:jsonij
(Maven)
Jun 14, 2023
ph-json vulnerable to stack exhaustion
High
CVE-2023-34612
was published
for
com.helger.commons:ph-json
(Maven)
Jun 14, 2023
sojo vulnerable to stack exhaustion
High
CVE-2023-34613
was published
for
net.sf.sojo:sojo
(Maven)
Jun 14, 2023
Unrestricted recursion in htmlunit
High
CVE-2023-2798
was published
for
org.htmlunit:htmlunit
(Maven)
May 25, 2023
Vyper vulnerable to OOB DynArray access when array is on both LHS and RHS of an assignment
High
CVE-2023-31146
was published
for
vyper
(pip)
May 12, 2023
TensorFlow has segmentation fault in tfg-translate
High
CVE-2023-25671
was published
for
tensorflow
(pip)
Mar 24, 2023
XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow
High
CVE-2022-40151
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Dec 30, 2022
Jettison Out-of-bounds Write vulnerability
High
CVE-2022-45693
was published
for
org.codehaus.jettison:jettison
(Maven)
Dec 13, 2022
json stack overflow vulnerability
High
CVE-2022-45688
was published
for
cn.hutool:hutool-json
(Maven)
Dec 13, 2022
Jettison Out-of-bounds Write vulnerability
High
CVE-2022-45685
was published
for
org.codehaus.jettison:jettison
(Maven)
Dec 13, 2022
Out of bounds write in grappler in Tensorflow
High
CVE-2022-41902
was published
for
tensorflow
(pip)
Nov 21, 2022
FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess
High
CVE-2022-41900
was published
for
tensorflow
(pip)
Nov 21, 2022
Denial of Service due to parser crash
High
CVE-2022-40153
was published
for
com.fasterxml.woodstox:woodstox-core
(Maven)
Sep 17, 2022
•
withdrawn
TensorFlow vulnerable to OOB write in `scatter_nd` in TF Lite
High
CVE-2022-35939
was published
for
tensorflow
(pip)
Sep 16, 2022
Talos vulnerable dependency due to race condition in Linux kernel's IP framework XFRM
High
GHSA-34vw-m4rh-r36p
was published
for
github.com/talos-systems/talos
(Go)
Sep 16, 2022
LIEF vulnerable to heap based buffer overflow via print_binary function
High
CVE-2022-38495
was published
for
lief
(pip)
Sep 14, 2022
opcua Vulnerable to Out-of-bounds Write
High
CVE-2022-25903
was published
for
opcua
(Rust)
Aug 25, 2022
Uses of deprecated API can be used to cause DoS in user-facing endpoints
High
CVE-2022-31054
was published
for
github.com/argoproj/argo-events
(Go)
Jun 17, 2022
Segfault and OOB write due to incomplete validation in `EditDistance` in TensorFlow
High
CVE-2022-29208
was published
for
tensorflow
(pip)
May 24, 2022
ChakraCore RCE via Out-of-bounds write
High
CVE-2019-1051
was published
for
Microsoft.ChakraCore
(NuGet)
May 24, 2022
ChakraCore RCE via Out-of-bounds write
High
CVE-2019-1002
was published
for
Microsoft.ChakraCore
(NuGet)
May 24, 2022
ChakraCore RCE Vulnerability
High
CVE-2019-1024
was published
for
Microsoft.ChakraCore
(NuGet)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API