GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

106 advisories

Onnx Out-of-bounds Read vulnerability Moderate
CVE-2024-27319 was published for onnx (pip) Feb 23, 2024
Credited to iarspider
AcademySoftwareFoundation OpenColorIO has an out-of-bounds vulnerability Low
CVE-2025-15506 was published for opencolorio (pip) Jan 11, 2026
AstrBot has an arbitrary file read vulnerability in function _encode_image_bs64 Moderate
CVE-2025-57697 was published for AstrBot (pip) Nov 7, 2025
ExecuTorch out-of-bounds access vulnerability Critical
CVE-2025-54950 was published for executorch (Maven) Aug 8, 2025
Credited to Fidget-Grep
Exiv2 Segmentation Faults in Exiv2::EpsImage::writeMetadata() via crafted EPS file Low
CVE-2025-54080 was published for Exiv2 (pip) Aug 29, 2025
Credited to dragonArthurX
OpenEXR Out of Bounds Heap Read due to Bad Pointer Arithmetic in LossyDctDecoder_execute Moderate
CVE-2025-48072 was published for OpenEXR (pip) Jul 31, 2025
Credited to suidpit, TheZ3ro, ndaprela, and smaury
Vyper's `extract32` can read dirty memory Low
CVE-2024-24564 was published for vyper (pip) Feb 26, 2024
Credited to trocher
Patchelf out-of-bounds read High
CVE-2022-44940 was published for patchelf (pip) Dec 20, 2022
PaddlePaddle segfault in paddle.mode Moderate
CVE-2023-38678 was published for PaddlePaddle (pip) Jan 3, 2024
Capstone SEGV caused by a read memory access Moderate
CVE-2016-7151 was published for capstone (pip) May 24, 2022
Memory access due to code generation flaw in Cranelift module High
CVE-2021-32629 was published for cranelift-codegen (pip) Aug 25, 2021
Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime Moderate
CVE-2021-39218 was published for wasmtime (pip) Sep 20, 2021
Credited to cfallin and fitzgen
typed-ast Out-of-bounds Read High
CVE-2019-19275 was published for typed-ast (pip) Dec 2, 2019
wasm3 uncontrolled memory allocation vulnerability Moderate
CVE-2024-27529 was published for github.com/shareup/wasm-interpreter-apple (pip) Nov 9, 2024
Asterix Heap-based Buffer Overflow High
CVE-2021-44144 was published for asterix_decoder (pip) May 24, 2022
Heap OOB read in TFLite's implementation of `Minimum` or `Maximum` Low
CVE-2021-29590 was published for tensorflow (pip) May 21, 2021
Out of bounds read and write in Tensorflow High
CVE-2022-23574 was published for tensorflow (pip) Feb 9, 2022
Read and Write outside of bounds in TensorFlow High
CVE-2022-23560 was published for tensorflow (pip) Feb 9, 2022
Out of bounds read in Tensorflow High
CVE-2022-23592 was published for tensorflow (pip) Feb 9, 2022
Out of bounds read in Tensorflow High
CVE-2022-21730 was published for tensorflow (pip) Feb 9, 2022
Out of bounds read in Tensorflow High
CVE-2022-21728 was published for tensorflow (pip) Feb 9, 2022
Out of bounds read in Tensorflow High
CVE-2022-21726 was published for tensorflow (pip) Feb 9, 2022
Arbitrary memory read in `ImmutableConst` Moderate
CVE-2021-41227 was published for tensorflow (pip) Nov 10, 2021
Heap OOB in `SparseBinCount` Moderate
CVE-2021-41226 was published for tensorflow (pip) Nov 10, 2021
`SparseFillEmptyRows` heap OOB Moderate
CVE-2021-41224 was published for tensorflow (pip) Nov 10, 2021