Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
55
GitHub Actions
50
Go
3,732
Maven
5,000+
npm
5,000+
NuGet
935
pip
4,952
Pub
13
RubyGems
1,055
Rust
1,343
Swift
54
Unreviewed advisories
All unreviewed
5,000+

20 advisories

Loading
vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters Moderate
CVE-2026-44223 was published for vllm (pip) May 6, 2026
Yunzez Credited to Yunzez
rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1 High
CVE-2026-41676 was published for openssl (Rust) Apr 22, 2026
Brillig: Heap corruption in foreign call results with nested tuple arrays Critical
CVE-2026-41197 was published for brillig (Rust) Apr 21, 2026
ImageMagick BlobStream Forward-Seek Under-Allocation Low
CVE-2025-57807 was published for Magick.NET-Q16-HDRI-OpenMP-arm64 (NuGet) Sep 5, 2025
mescuwa Credited to mescuwa
OpenVM allows the byte decomposition of pc in AUIPC chip to overflow High
CVE-2025-46723 was published for openvm (Rust) May 5, 2025
jonathanpwang Credited to jonathanpwang
Heap OOB and null pointer dereference in `RaggedTensorToTensor` Moderate
CVE-2021-29608 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow in `StringNGrams` Low
CVE-2021-29542 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow in `QuantizedResizeBilinear` Low
CVE-2021-29537 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow in `QuantizedMul` Low
CVE-2021-29535 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow caused by rounding Low
CVE-2021-29529 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow in `SparseTensorToCSRSparseMatrix` Low
CVE-2021-29545 was published for tensorflow (pip) May 21, 2021
Segfault in SparseCountSparseOutput Low
CVE-2021-29521 was published for tensorflow (pip) May 21, 2021
Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2 Critical
CVE-2021-37404 was published for org.apache.hadoop:hadoop-common (Maven) Jun 14, 2022
Incorrect buffer size in crossbeam-channel Moderate
CVE-2020-35904 was published for crossbeam-channel (Rust) Aug 25, 2021
Incorrect buffer size calculation in iced-x86 Critical
CVE-2021-38188 was published for iced-x86 (Rust) Aug 25, 2021
Overflow in `tf.keras.losses.poisson` Moderate
CVE-2022-41887 was published for tensorflow (pip) Nov 21, 2022
Overflow in `FusedResizeAndPadConv2D` Moderate
CVE-2022-41885 was published for tensorflow (pip) Nov 21, 2022
Overflow in `ImageProjectiveTransformV2` Moderate
CVE-2022-41886 was published for tensorflow (pip) Nov 21, 2022
Overflow in `ResizeNearestNeighborGrad` Moderate
CVE-2022-41907 was published for tensorflow (pip) Nov 21, 2022
Unexpected panics in num-bigint Moderate
GHSA-v935-pqmr-g8v9 was published for num-bigint (Rust) Nov 3, 2021
guidovranken Credited to guidovranken and arvidn arvidn arvidn
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database