GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12 advisories
Babylon Integer Overflow in Distribution Module CumulativeRewardRatio Calculation Leading to Chain Halt
High. GHSA-869w-47c6-fq8q was published for github.com/babylonlabs-io/babylon (Go), May 15, 2025

containerd has an integer overflow in User ID handling
Moderate. CVE-2024-40635 was published for github.com/containerd/containerd (Go), Mar 17, 2025

Nethermind Juno Potential Denial of Service (DoS) via Integer Overflow
High. CVE-2025-29072 was published for github.com/NethermindEth/juno (Go), Mar 27, 2025

pgx SQL Injection via Protocol Message Size Overflow
High. CVE-2024-27304 was published for github.com/jackc/pgx (Go), Mar 4, 2024

ASA-2024-010: cosmossdk.io/math: Mismatched bit-length validation in sdk.Int and sdk.Dec can lead to panic
High. GHSA-7225-m954-23v7 was published for cosmossdk.io/math (Go), Nov 20, 2024

pgproto3 SQL Injection via Protocol Message Size Overflow
High. GHSA-7jwh-3vrq-q3m8 was published for github.com/jackc/pgproto3 (Go), Mar 4, 2024

Integer overflow in chunking helper causes dispatching to miss elements or panic
High. CVE-2024-27101 was published for github.com/authzed/spicedb (Go), Mar 1, 2024

Overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration in RunC
Moderate. CVE-2021-43784 was published for github.com/opencontainers/runc (Go), Dec 7, 2021

Integer overflow in github.com/gorilla/websocket
High. CVE-2020-27813 was published for github.com/gorilla/websocket (Go), May 18, 2021

Integer Overflow or Wraparound in NATS Server
High. CVE-2019-13126 was published for github.com/nats-io/nats-server/v2 (Go), May 18, 2021

Integer Overflow in go-jose
High. CVE-2016-9123 was published for github.com/square/go-jose (Go), Jun 23, 2021

Denial of Service in Bytom
High. CVE-2018-18206 was published for github.com/bytom/bytom (Go), Feb 15, 2022