Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
50
GitHub Actions
50
Go
3,679
Maven
5,000+
npm
5,000+
NuGet
932
pip
4,898
Pub
13
RubyGems
1,051
Rust
1,318
Swift
53
Unreviewed advisories
All unreviewed
5,000+

9 advisories

Loading
fast-xml-parser has stack overflow in XMLBuilder with preserveOrder Low
CVE-2026-27942 was published for fast-xml-parser (npm) Feb 26, 2026
julianladisch Credited to julianladisch
Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459 Low
GHSA-r95h-9x8f-r3f7 was published for nokogiri (RubyGems) May 13, 2024
CommanderStorm Credited to CommanderStorm, postmodern, and colbybr postmodern postmodern
colbybr colbybr
Vyper's `_abi_decode` vulnerable to Memory Overflow Low
CVE-2024-26149 was published for vyper (pip) Feb 26, 2024
minaminao-osec Credited to minaminao-osec
Heap buffer overflow in `BandedTriangularSolve` Low
CVE-2021-29612 was published for tensorflow (pip) May 21, 2021
Overflow/denial of service in `tf.raw_ops.ReverseSequence` Low
CVE-2021-29575 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow in `Conv2DBackpropFilter` Low
CVE-2021-29540 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow in `Conv3DBackprop*` Low
CVE-2021-29520 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow in `RaggedBinCount` Low
CVE-2021-29512 was published for tensorflow (pip) May 21, 2021
Buffer overflow in deprecated USB HALs and stack overflow in USB enumeration Low
GHSA-f366-4rvv-95x2 was published for cryptoauthlib (pip) Oct 2, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database