Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
Denial of Service in https-proxy-agent Critical
CVE-2018-3739 was published for https-proxy-agent (npm) Jul 27, 2018
kurt-r2c
Credited to kurt-r2c
Out of bounds read in simple-slab Critical
CVE-2020-35892 was published for simple-slab (Rust) Aug 25, 2021
PaddlePaddle Out-of-bounds Read vulnerability Critical
CVE-2022-46741 was published for paddlepaddle (pip) Dec 7, 2022
TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation Critical
CVE-2023-25668 was published for tensorflow (pip) Mar 24, 2023
Out of bounds read in bra Critical
CVE-2021-25905 was published for bra (Rust) Aug 25, 2021
tdunlap607
Credited to tdunlap607
Deno improperly handles resizable ArrayBuffer Critical
CVE-2023-28445 was published for Deno (Rust) Mar 23, 2023
lucacasonato JohnTitor
nipunn1313
Credited to lucacasonato, JohnTitor, and nipunn1313
Out of bounds access in compact_arena Critical
CVE-2019-16139 was published for compact_arena (Rust) Aug 25, 2021
Out of bounds read in fltk Critical
CVE-2021-28308 was published for fltk (Rust) Aug 25, 2021
Out of bounds read in xcb Critical
CVE-2021-26957 was published for xcb (Rust) Aug 25, 2021
Out-of-bounds Read in atob Critical
CVE-2018-3745 was published for atob (npm) Oct 9, 2018
Out of bounds access in lucet-runtime-internals Critical
CVE-2020-35859 was published for lucet-runtime-internals (Rust) Aug 25, 2021
Out-of-bounds read in Pillow Critical
CVE-2020-11538 was published for Pillow (pip) Jul 27, 2020
openssl-src contains Read Buffer Overflow in X.509 Name Constraint Critical
CVE-2022-4203 was published for openssl-src (Rust) Feb 8, 2023
wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64 Critical
CVE-2023-26489 was published for cranelift-codegen (Rust) Mar 9, 2023
alexcrichton
Credited to alexcrichton
ExecuTorch out-of-bounds access vulnerability Critical
CVE-2025-54950 was published for executorch (Maven) Aug 8, 2025
Fidget-Grep
Credited to Fidget-Grep
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database