Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,232 advisories

Loading
Signature Malleabillity in elliptic High
CVE-2020-13822 was published for elliptic (npm) Jul 29, 2020
Uncontrolled Resource Consumption in Pillow High
CVE-2019-19911 was published for pillow (pip) Apr 1, 2020
Integer Overflow or Wraparound in Google TensorFlow Critical
CVE-2018-7575 was published for tensorflow (pip) Apr 30, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0639 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
Critical severity vulnerability that affects org.eclipse.jetty:jetty-server Critical
CVE-2017-7657 was published for org.eclipse.jetty:jetty-server (Maven) Oct 19, 2018
PyCryptodome integer overflow vulnerability High
CVE-2018-15560 was published for pycryptodome (pip) Aug 27, 2018
Pillow Integer overflow in Map.c Moderate
CVE-2016-9189 was published for pillow (pip) Jul 24, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database