Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,415 advisories

Loading
Integer Overflow or Wraparound in OpenCV High
CVE-2017-12864 was published for opencv-contrib-python (pip) Oct 12, 2021
Integer Overflow or Wraparound in OpenCV High
CVE-2017-12863 was published for opencv-contrib-python (pip) Oct 12, 2021
Integer Overflow/Infinite Loop in the http crate High
CVE-2020-25574 was published for http (Rust) Aug 25, 2021
Overflow in prost-types High
CVE-2021-38192 was published for prost-types (Rust) Aug 25, 2021
tdunlap607
Integer Overflow in openssl-src High
CVE-2021-23840 was published for openssl-src (Rust) Aug 25, 2021
another-rex
Counter overflow in chacha20 High
CVE-2019-25005 was published for chacha20 (Rust) Aug 25, 2021
Integer overflow in pywin32 High
CVE-2021-32559 was published for pywin32 (pip) Aug 9, 2021
Integer Overflow in go-jose High
CVE-2016-9123 was published for github.com/square/go-jose (Go) Jun 23, 2021
Integer overflow in github.com/gorilla/websocket High
CVE-2020-27813 was published for github.com/gorilla/websocket (Go) May 18, 2021
Integer Overflow or Wraparound in NATS Server High
CVE-2019-13126 was published for github.com/nats-io/nats-server/v2 (Go) May 18, 2021
PyCA Cryptography symmetrically encrypting large values can lead to integer overflow High
CVE-2020-36242 was published for cryptography (pip) Feb 10, 2021
Signature Malleabillity in elliptic High
CVE-2020-13822 was published for elliptic (npm) Jul 29, 2020
Uncontrolled Resource Consumption in Pillow High
CVE-2019-19911 was published for pillow (pip) Apr 1, 2020
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0639 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
PyCryptodome integer overflow vulnerability High
CVE-2018-15560 was published for pycryptodome (pip) Aug 27, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database