Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9 advisories

Loading
ExecuTorch vulnerable to Heap-based Buffer Overflow attack High
CVE-2025-30402 was published for executorch (Maven) Jul 11, 2025
Fidget-Grep
Credited to Fidget-Grep
OpenEXR Heap-Based Buffer Overflow in Deep Scanline Parsing via Forged Unpacked Size High
CVE-2025-48071 was published for OpenEXR (pip) Jul 31, 2025
suidpit TheZ3ro
ndaprela smaury
Credited to suidpit, TheZ3ro, ndaprela, and smaury
Pillow vulnerability can cause write buffer overflow on BCn encoding High
CVE-2025-48379 was published for pillow (pip) Jul 1, 2025
PyTorch heap buffer overflow vulnerability High
CVE-2024-31580 was published for torch (pip) Apr 17, 2024
levpachmanov
Credited to levpachmanov
LIEF heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind High
CVE-2022-43171 was published for lief (pip) Nov 18, 2022
LightGBM Remote Code Execution Vulnerability High
CVE-2024-43598 was published for lightgbm (pip) Nov 12, 2024
Segfault in Tensorflow High
CVE-2020-15200 was published for tensorflow (pip) Sep 25, 2020
Heap-based Buffer Overflow in sqlite-vec High
CVE-2024-46488 was published for sqlite-vec (RubyGems) Sep 25, 2024
TensorFlow has Heap-buffer-overflow in AvgPoolGrad High
CVE-2023-25664 was published for tensorflow (pip) Mar 24, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database