Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
50
Go
3,623
Maven
5,000+
npm
5,000+
NuGet
927
pip
4,843
Pub
13
RubyGems
1,045
Rust
1,271
Swift
53
Unreviewed advisories
All unreviewed
5,000+

54 advisories

Loading
OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds Write High
CVE-2026-34589 was published for OpenEXR (pip) Apr 8, 2026
quangIO Credited to quangIO
OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write High
CVE-2026-34588 was published for OpenEXR (pip) Apr 8, 2026
quangIO Credited to quangIO
OpenEXR: integer overflow to OOB write in uncompress_b44_impl() High
CVE-2026-34544 was published for openexr (pip) Apr 3, 2026
nicoppida Credited to nicoppida
UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop High
CVE-2026-32875 was published for ujson (pip) Mar 18, 2026
vmfunc Credited to vmfunc and bwoodsend bwoodsend bwoodsend
psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps Moderate
CVE-2026-27809 was published for psd-tools (pip) Feb 26, 2026
ESPHome vulnerable to denial-of-service via out-of-bounds check bypass in the API component Moderate
CVE-2026-23833 was published for esphome (pip) Jan 21, 2026
Mat931 Credited to Mat931
ExecuTorch integer overflow vulnerability Critical
CVE-2025-30405 was published for executorch (Maven) Aug 8, 2025
Fidget-Grep Credited to Fidget-Grep
ExecuTorch integer overflow vulnerability Critical
CVE-2025-30404 was published for executorch (Maven) Aug 8, 2025
Fidget-Grep Credited to Fidget-Grep
Capstone Integer overflow High
CVE-2017-6952 was published for capstone (pip) May 17, 2022
Vyper vulnerable to integer overflow in loop High
CVE-2023-32058 was published for vyper (pip) May 12, 2023
trocher Credited to trocher
Integer overflow in Tensorflow High
CVE-2022-23576 was published for tensorflow (pip) Feb 10, 2022
Integer overflow in Tensorflow High
CVE-2022-23575 was published for tensorflow (pip) Feb 10, 2022
Integer overflows in Tensorflow High
CVE-2022-23568 was published for tensorflow (pip) Feb 9, 2022
Integer overflows in Tensorflow High
CVE-2022-23567 was published for tensorflow (pip) Feb 9, 2022
Integer overflow in Tensorflow High
CVE-2022-23562 was published for tensorflow (pip) Feb 9, 2022
Integer overflow in TFLite High
CVE-2022-23559 was published for tensorflow (pip) Feb 9, 2022
Integer overflow in TFLite array creation High
CVE-2022-23558 was published for tensorflow (pip) Feb 9, 2022
Integer overflow leading to crash in Tensorflow High
CVE-2022-21738 was published for tensorflow (pip) Feb 9, 2022
Memory exhaustion in Tensorflow Moderate
CVE-2022-21733 was published for tensorflow (pip) Feb 10, 2022
Overflow and uncaught divide by zero in Tensorflow High
CVE-2022-21729 was published for tensorflow (pip) Feb 10, 2022
Integer overflow in Tensorflow High
CVE-2022-21727 was published for tensorflow (pip) Feb 9, 2022
Missing validation during checkpoint loading High
CVE-2021-41203 was published for tensorflow (pip) Nov 10, 2021
Crashes due to overflow and `CHECK`-fail in ops with large tensor shapes Moderate
CVE-2021-41197 was published for tensorflow (pip) Nov 10, 2021
Overflow/crash in `tf.tile` when tiling tensor is large Moderate
CVE-2021-41198 was published for tensorflow (pip) Nov 10, 2021
Crash in `tf.math.segment_*` operations Moderate
CVE-2021-41195 was published for tensorflow (pip) Nov 10, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database