Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

49 advisories

Loading
Vyper's `_abi_decode` vulnerable to Memory Overflow Low
CVE-2024-26149 was published for vyper (pip) Feb 26, 2024
minaminao-osec
Vyper's external calls can overflow return data to return input buffer Low
CVE-2024-24560 was published for vyper (pip) Feb 2, 2024
zobront
Vyper's bounds check on built-in `slice()` function can be overflowed Critical
CVE-2024-24561 was published for vyper (pip) Feb 1, 2024
zobront kuroi8
Authenticated Local Privilege Escalation vulnerability in Intel Optimization for Tensorflow Moderate
CVE-2023-27506 was published for intel-tensorflow (pip) Aug 11, 2023
m3t3kh4n
MindSpore vulnerable to memory corruption Low
CVE-2023-2970 was published for mindspore (pip) May 30, 2023
protobuf-cpp and protobuf-python have potential Denial of Service issue High
CVE-2022-1941 was published for protobuf (pip) Sep 23, 2022
kse3hi
WASM3 Improper Input Validation vulnerability High
CVE-2022-39974 was published for pywasm3 (pip) Sep 21, 2022
WASM3 segmentation fault Moderate
CVE-2022-34529 was published for pywasm3 (pip) Jul 28, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in python-cjson Moderate
CVE-2010-1666 was published for python-cjson (pip) May 17, 2022
Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer High
CVE-2012-3444 was published for Django (pip) May 17, 2022
sunSUNQ
OpenStack Compute (Nova) vulnerable to denial of service via XML Entity Expansion attack Moderate
CVE-2013-4179 was published for nova (pip) May 17, 2022
OpenStack Swift allows authenticated users to cause a denial of service Moderate
CVE-2013-4155 was published for swift (pip) May 17, 2022
SOAPpy vulnerable to XXE attacks Moderate
CVE-2014-3243 was published for SOAPpy (pip) May 17, 2022
Dulwich Buffer Overflow when handling pack files Critical
CVE-2015-0838 was published for dulwich (pip) May 17, 2022
Pillow Buffer overflow in Jpeg2KEncode.c Moderate
CVE-2016-3076 was published for pillow (pip) May 17, 2022
PyFriBidi Buffer overflow in the fribidi_utf8_to_unicode function Moderate
CVE-2012-1176 was published for pyfribidi (pip) May 17, 2022
tlslite remote denial of service vulnerability High
CVE-2015-3220 was published for tlslite (pip) May 14, 2022
Aubio is vulnerable to denial of service via aubio_source_avcodec_readframe function High
CVE-2018-14521 was published for aubio (pip) May 14, 2022
Aubio is vulnerable to denial of service via aubio_pitch_set_unit function High
CVE-2018-14522 was published for aubio (pip) May 14, 2022
OpenStack Keystone Denial of Service vulnerability via a large HTTP request Moderate
CVE-2013-0270 was published for keystone (pip) May 5, 2022
Buffer Overflow in vyper High
CVE-2022-24788 was published for vyper (pip) Apr 20, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in OpenCV Moderate
CVE-2017-17760 was published for opencv-contrib-python (pip) Oct 12, 2021
Improper Restriction of Operations within the Bounds of a Memory Buffer in OpenCV High
CVE-2017-12862 was published for opencv-contrib-python (pip) Oct 12, 2021
Improper Restriction of Operations within the Bounds of a Memory Buffer in OpenCV High
CVE-2017-12601 was published for opencv-contrib-python (pip) Oct 12, 2021
Memory corruption when returning a literal struct with a private call inside of it High
CVE-2021-41121 was published for vyper (pip) Oct 12, 2021
ProTip! Advisories are also available from the GraphQL API