Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,757
Erlang
35
GitHub Actions
29
Go
2,327
Maven
5,000+
npm
3,960
NuGet
712
pip
3,741
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,432 advisories

Loading
Heap Based Buffer Overflow in libyaml Critical
CVE-2013-6393 was published for libyaml (npm) Aug 31, 2020
RSA PKCS#1 decryption vulnerability with prepending zeros in jsrsasign Critical
CVE-2020-14967 was published for jsrsasign (npm) Jun 26, 2020
RSA-PSS signature validation vulnerability by prepending zeros in jsrsasign Critical
CVE-2020-14968 was published for jsrsasign (npm) Jun 26, 2020
aubio Buffer Overflow vulnerability Critical
CVE-2018-19800 was published for aubio (pip) Jul 26, 2019
Buffer Overflow in pycrypto Critical
CVE-2013-7459 was published for pycrypto (pip) Dec 14, 2018
Nokogiri does not forbid namespace nodes in XPointer ranges Critical
CVE-2016-4658 was published for nokogiri (RubyGems) Aug 21, 2018
Pillow Integer overflow in ImagingResampleHorizontal Critical
CVE-2016-4009 was published for pillow (pip) Jul 24, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database