Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,692
Erlang
34
GitHub Actions
27
Go
2,279
Maven
5,000+
npm
3,931
NuGet
708
pip
3,699
Pub
12
RubyGems
919
Rust
957
Swift
38
Unreviewed advisories
All unreviewed
5,000+

81 advisories

Loading
Ollama Allows Out-of-Bounds Read High
CVE-2024-12055 was published for github.com/ollama/ollama (Go) Mar 20, 2025
Out-of-bounds Read in Ruby JSON Parser High
CVE-2025-27788 was published for json (RubyGems) Mar 12, 2025
Ant-Media-Server vulnerable to Improper Output Neutralization for Logs High
CVE-2024-35371 was published for io.antmedia:ant-media-server (Maven) Nov 29, 2024
Ollama Out-of-bounds Read High
CVE-2024-39720 was published for github.com/ollama/ollama (Go) Oct 31, 2024
node-stringbuilder vulnerable to Out-of-bounds Read High
CVE-2024-21524 was published for node-stringbuilder (npm) Jul 10, 2024
Decompressors can crash the JVM and leak memory content in Aircompressor High
CVE-2024-36114 was published for io.airlift:aircompressor (Maven) Jun 2, 2024
ptaoussanis Marcono1234
dotmesh arbitrary file read and/or write High
CVE-2020-26312 was published for github.com/dotmesh-io/dotmesh (Go) May 14, 2024
Markdown vulnerable to Out-of-bounds Read while parsing citations High
CVE-2023-42821 was published for github.com/gomarkdown/markdown (Go) Sep 22, 2023
NSEcho
hson-java vulnerable to denial of service High
CVE-2023-39685 was published for org.hjson:hjson (Maven) Sep 1, 2023
TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch High
CVE-2023-25659 was published for tensorflow (pip) Mar 24, 2023
dengyinlin
TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad High
CVE-2023-25658 was published for tensorflow (pip) Mar 24, 2023
google.golang.org/protobuf vulnerable to panic leading to denial of service High
CVE-2023-24535 was published for google.golang.org/protobuf (Go) Mar 14, 2023
Apache InLong contains Out-of-bounds Read vulnerability High
CVE-2023-24977 was published for org.apache.inlong:inlong (Maven) Feb 1, 2023
golang.org/x/text/language Out-of-bounds Read vulnerability High
CVE-2021-38561 was published for golang.org/x/text (Go) Dec 26, 2022
Patchelf out-of-bounds read High
CVE-2022-44940 was published for patchelf (pip) Dec 20, 2022
Out of bounds write in grappler in Tensorflow High
CVE-2022-41902 was published for tensorflow (pip) Nov 21, 2022
w0j73k
FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess High
CVE-2022-41900 was published for tensorflow (pip) Nov 21, 2022
TensorFlow vulnerable to heap out of bounds read in filesystem glob matching High
CVE-2020-26269 was published for tensorflow (pip) Oct 7, 2022
TensorFlow vulnerable to OOB read in `Gather_nd` in TF Lite High
CVE-2022-35937 was published for tensorflow (pip) Sep 16, 2022
Go-CVSS has Out-of-bounds Read vulnerability in ParseVector function High
CVE-2022-39213 was published for github.com/pandatix/go-cvss (Go) Sep 16, 2022
Withdrawn Advisory: Out-of-bounds Read can lead to client side denial of service High
CVE-2022-34037 was published for github.com/caddyserver/caddy (Go) Jul 23, 2022 withdrawn
Denial of Service in jsonparser High
CVE-2020-35381 was published for github.com/buger/jsonparser (Go) May 25, 2022
Asterix Heap-based Buffer Overflow High
CVE-2021-44144 was published for asterix_decoder (pip) May 24, 2022
Read buffer overruns processing ASN.1 strings High
CVE-2021-3712 was published for openssl-src (Rust) May 24, 2022
another-rex
Out-of-bounds Read in Facebook Hermes High
CVE-2020-1915 was published for hermes-engine (npm) May 24, 2022
DanielSinclair Nsquik
troZee CHaNGeTe ivan-mattr mmehtonen-24i
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database