GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
77 advisories
Filter by severity
Ollama Out-of-bounds Read
High
CVE-2024-39720
was published
for
github.com/ollama/ollama
(Go)
Oct 31, 2024
node-stringbuilder vulnerable to Out-of-bounds Read
High
CVE-2024-21524
was published
for
node-stringbuilder
(npm)
Jul 10, 2024
Decompressors can crash the JVM and leak memory content in Aircompressor
High
CVE-2024-36114
was published
for
io.airlift:aircompressor
(Maven)
Jun 2, 2024
dotmesh arbitrary file read and/or write
High
CVE-2020-26312
was published
for
github.com/dotmesh-io/dotmesh
(Go)
May 14, 2024
Markdown vulnerable to Out-of-bounds Read while parsing citations
High
CVE-2023-42821
was published
for
github.com/gomarkdown/markdown
(Go)
Sep 22, 2023
hson-java vulnerable to denial of service
High
CVE-2023-39685
was published
for
org.hjson:hjson
(Maven)
Sep 1, 2023
TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
High
CVE-2023-25659
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad
High
CVE-2023-25658
was published
for
tensorflow
(pip)
Mar 24, 2023
google.golang.org/protobuf vulnerable to panic leading to denial of service
High
CVE-2023-24535
was published
for
google.golang.org/protobuf
(Go)
Mar 14, 2023
Apache InLong contains Out-of-bounds Read vulnerability
High
CVE-2023-24977
was published
for
org.apache.inlong:inlong
(Maven)
Feb 1, 2023
golang.org/x/text/language Out-of-bounds Read vulnerability
High
CVE-2021-38561
was published
for
golang.org/x/text
(Go)
Dec 26, 2022
Out of bounds write in grappler in Tensorflow
High
CVE-2022-41902
was published
for
tensorflow
(pip)
Nov 21, 2022
FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess
High
CVE-2022-41900
was published
for
tensorflow
(pip)
Nov 21, 2022
TensorFlow vulnerable to heap out of bounds read in filesystem glob matching
High
CVE-2020-26269
was published
for
tensorflow
(pip)
Oct 7, 2022
TensorFlow vulnerable to OOB read in `Gather_nd` in TF Lite
High
CVE-2022-35937
was published
for
tensorflow
(pip)
Sep 16, 2022
Go-CVSS has Out-of-bounds Read vulnerability in ParseVector function
High
CVE-2022-39213
was published
for
github.com/pandatix/go-cvss
(Go)
Sep 16, 2022
Withdrawn Advisory: Out-of-bounds Read can lead to client side denial of service
High
CVE-2022-34037
was published
for
github.com/caddyserver/caddy
(Go)
Jul 23, 2022
•
withdrawn
Denial of Service in jsonparser
High
CVE-2020-35381
was published
for
github.com/buger/jsonparser
(Go)
May 25, 2022
Asterix Heap-based Buffer Overflow
High
CVE-2021-44144
was published
for
asterix_decoder
(pip)
May 24, 2022
Read buffer overruns processing ASN.1 strings
High
CVE-2021-3712
was published
for
openssl-src
(Rust)
May 24, 2022
Out-of-bounds Read in Facebook Hermes
High
CVE-2020-1915
was published
for
hermes-engine
(npm)
May 24, 2022
Out-of-bounds Read and Out-of-bounds Write in Facebook Hermes
High
CVE-2020-1912
was published
for
hermes-engine
(npm)
May 24, 2022
Mercurial Out-of-bounds Read vulnerability
High
CVE-2018-17983
was published
for
mercurial
(pip)
May 14, 2022
Aubio is vulnerable to out of bound read when samplerate > 50kHz
High
CVE-2018-14523
was published
for
aubio
(pip)
May 13, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8139
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API