GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
Missing validation causes denial of service via `Conv3DBackpropFilterV2`
Moderate
CVE-2022-29204
was published
for
tensorflow
(pip)
May 24, 2022
Loading a bgzip block can write out of bounds if size overflows.
Critical
CVE-2021-28027
was published
for
bam
(Rust)
May 24, 2022
gnark unsoundness in variable comparison / non-unique binary decomposition
Moderate
CVE-2023-44378
was published
for
github.com/consensys/gnark
(Go)
Oct 4, 2023
Integer underflow in Frontier
Moderate
CVE-2022-21685
was published
for
pallet-evm-precompile-modexp
(Rust)
Jan 14, 2022
Crash in `max_pool3d` when size argument is 0 or negative
Moderate
CVE-2021-41196
was published
for
tensorflow
(pip)
Nov 10, 2021
Denial of service in geth
Moderate
CVE-2020-26242
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
orx-pinned-vec has undefined behavior in index_of_ptr with empty slices
Low
GHSA-h5j3-crg5-8jqm
was published
for
orx-pinned-vec
(Rust)
Oct 21, 2025
ImageMagick CLAHE : Unsigned underflow and division-by-zero lead to OOB pointer arithmetic and process crash (DoS)
Moderate
CVE-2025-62594
was published
for
Magick.NET-Q16-HDRI-OpenMP-arm64
(NuGet)
Oct 27, 2025
go-git: Maliciously crafted idx file can cause asymmetric memory consumption
Moderate
CVE-2026-34165
was published
for
github.com/go-git/go-git/v5
(Go)
Mar 30, 2026
ImageMagick has a heap-Buffer-Overflow write of a single zero byte when parsing xml.
Moderate
CVE-2026-33899
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Apr 13, 2026
nimiq-account: Vesting insufficient funds error can panic
Moderate
CVE-2026-34064
was published
for
nimiq-account
(Rust)
Apr 22, 2026
MsQuic has a Remote Elevation of Privilege Vulnerability
Critical
CVE-2026-32179
was published
for
Microsoft.Native.Quic.MsQuic.OpenSSL
(NuGet)
Apr 16, 2026
GoBGP has an Integer Underflow Issue
Moderate
CVE-2026-7736
was published
for
github.com/osrg/gobgp/v4
(Go)
May 4, 2026
iskorotkov/avro: Integer Overflow in Decoder
High
CVE-2026-46384
was published
for
github.com/iskorotkov/avro/v2
(Go)
May 18, 2026
ImageMagick: Heap Buffer Over-Read in IPTC encoder
Moderate
CVE-2026-42326
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
May 18, 2026
ProTip!
Advisories are also available from the
GraphQL API