Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

16 advisories

Loading
Missing validation causes denial of service via `Conv3DBackpropFilterV2` Moderate
CVE-2022-29204 was published for tensorflow (pip) May 24, 2022
Loading a bgzip block can write out of bounds if size overflows. Critical
CVE-2021-28027 was published for bam (Rust) May 24, 2022
Integer underflow in untrusted High
CVE-2018-20989 was published for untrusted (Rust) Aug 25, 2021
gnark unsoundness in variable comparison / non-unique binary decomposition Moderate
CVE-2023-44378 was published for github.com/consensys/gnark (Go) Oct 4, 2023
kustosz Credited to kustosz
Integer underflow in Frontier Moderate
CVE-2022-21685 was published for pallet-evm-precompile-modexp (Rust) Jan 14, 2022
Crash in `max_pool3d` when size argument is 0 or negative Moderate
CVE-2021-41196 was published for tensorflow (pip) Nov 10, 2021
Denial of service in geth Moderate
CVE-2020-26242 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
orx-pinned-vec has undefined behavior in index_of_ptr with empty slices Low
GHSA-h5j3-crg5-8jqm was published for orx-pinned-vec (Rust) Oct 21, 2025
ImageMagick CLAHE : Unsigned underflow and division-by-zero lead to OOB pointer arithmetic and process crash (DoS) Moderate
CVE-2025-62594 was published for Magick.NET-Q16-HDRI-OpenMP-arm64 (NuGet) Oct 27, 2025
amethyst0225 Credited to amethyst0225, jin-156, hanbunny, and yosiimich jin-156 jin-156
hanbunny hanbunny yosiimich yosiimich
go-git: Maliciously crafted idx file can cause asymmetric memory consumption Moderate
CVE-2026-34165 was published for github.com/go-git/go-git/v5 (Go) Mar 30, 2026
kq5y Credited to kq5y
ImageMagick has a heap-Buffer-Overflow write of a single zero byte when parsing xml. Moderate
CVE-2026-33899 was published for Magick.NET-Q16-AnyCPU (NuGet) Apr 13, 2026
unbengable12 Credited to unbengable12
nimiq-account: Vesting insufficient funds error can panic Moderate
CVE-2026-34064 was published for nimiq-account (Rust) Apr 22, 2026
1seal Credited to 1seal and paberr paberr paberr
MsQuic has a Remote Elevation of Privilege Vulnerability Critical
CVE-2026-32179 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Apr 16, 2026
GoBGP has an Integer Underflow Issue Moderate
CVE-2026-7736 was published for github.com/osrg/gobgp/v4 (Go) May 4, 2026
iskorotkov/avro: Integer Overflow in Decoder High
CVE-2026-46384 was published for github.com/iskorotkov/avro/v2 (Go) May 18, 2026
klajok Credited to klajok
ImageMagick: Heap Buffer Over-Read in IPTC encoder Moderate
CVE-2026-42326 was published for Magick.NET-Q16-AnyCPU (NuGet) May 18, 2026
sukhoon0975 Credited to sukhoon0975
ProTip! Advisories are also available from the GraphQL API