Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,838
Erlang
36
GitHub Actions
33
Go
2,460
Maven
5,000+
npm
4,082
NuGet
723
pip
3,872
Pub
12
RubyGems
943
Rust
1,010
Swift
39
Unreviewed advisories
All unreviewed
5,000+

395 advisories

Loading
protobuf susceptible to buffer overflow High
CVE-2015-5237 was published for Google.Protobuf (Composer) May 13, 2022
libwebp: OOB write in BuildHuffmanTable High
CVE-2023-4863 was published for Pillow (Go) Sep 12, 2023
delroth Nachtalb
pshelton-skype
Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters High
CVE-2024-28123 was published for wasmi (Rust) Mar 7, 2024
Denial of Service due to parser crash Moderate
CVE-2022-40152 was published for com.fasterxml.woodstox:woodstox-core (Maven) Sep 17, 2022
Tsuesun furti
Chakra Scripting Engine RCE via Out-of-bounds write High
CVE-2019-1052 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
Chakra Scripting Engine RCE via Out-of-bounds write High
CVE-2019-1051 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
Chakra Scripting Engine RCE Vulnerability High
CVE-2019-1024 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
Chakra Scripting Engine Out-of-bounds write High
CVE-2019-1003 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
ChakraCore RCE via Out-of-bounds write High
CVE-2019-1002 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
Chakra Scripting Engine Out-of-bounds write High
CVE-2019-0993 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Chakra Scripting Engine Out-of-bounds write High
CVE-2019-0992 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Chakra Scripting Engine Out-of-bounds write High
CVE-2019-0991 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Chakra Scripting Engine Memory Corruption Vulnerability High
CVE-2019-0989 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64 Critical
CVE-2023-26489 was published for cranelift-codegen (Rust) Mar 9, 2023
alexcrichton
wasmtime_trap_code C API function has out of bounds write vulnerability Low
CVE-2022-39394 was published for wasmtime (Rust) Feb 1, 2024
kpreisser
Wasmtime out of bounds read/write with zero-memory-pages configuration Moderate
CVE-2022-39392 was published for wasmtime (Rust) Nov 10, 2022
alexcrichton
LIEF heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind High
CVE-2022-43171 was published for lief (pip) Nov 18, 2022
blosc2 heap-based buffer overflow High
CVE-2020-29367 was published for blosc2 (pip) May 24, 2022
OpenEXR invalid write High
CVE-2017-9111 was published for OpenEXR (pip) May 13, 2022
AugAssign evaluation order causing OOB write within the object in Vyper Low
CVE-2025-27105 was published for vyper (pip) Feb 21, 2025
Out-of-bounds Write in SixLabors ImageSharp High
CVE-2025-27598 was published for SixLabors.ImageSharp (NuGet) Mar 6, 2025
andreas-eriksson
Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() Moderate
CVE-2024-29131 was published for org.apache.commons:commons-configuration2 (Maven) Mar 21, 2024
oscerd
Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree Moderate
CVE-2024-29133 was published for org.apache.commons:commons-configuration2 (Maven) Mar 21, 2024
oscerd
ChakraCore RCE Vulnerability High
CVE-2016-7200 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
grcov has an out of bounds write triggered by crafted coverage data Moderate
GHSA-qm2p-4w45-v2vr was published for grcov (Rust) Feb 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database