GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
54 advisories
Filter by severity
Jenkins item creation restriction bypass vulnerability
Moderate
CVE-2024-47804
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Oct 2, 2024
libxmljs2 vulnerable to type confusion when parsing specially crafted XML
Critical
CVE-2024-34394
was published
for
libxmljs2
(npm)
May 2, 2024
libxmljs2 type confusion vulnerability when parsing specially crafted XML
Critical
CVE-2024-34393
was published
for
libxmljs2
(npm)
May 2, 2024
libxmljs vulnerable to type confusion when parsing specially crafted XML
Critical
CVE-2024-34391
was published
for
libxmljs
(npm)
May 2, 2024
Wrong type for `Linker`-define functions when used across two `Engine`s
Moderate
CVE-2021-39219
was published
for
wasmtime
(pip)
Sep 20, 2021
libxmljs vulnerable to type confusion when parsing specially crafted XML
Critical
CVE-2024-34392
was published
for
libxmljs
(npm)
May 2, 2024
Type confusion leading to segfault in Tensorflow
High
CVE-2022-21731
was published
for
tensorflow
(pip)
Feb 10, 2022
Duplicate Advisory: .NET and Visual Studio Remote Code Execution Vulnerability
Critical
GHSA-8rxm-6783-qh55
was published
for
System.Formats.Nrbf
(NuGet)
Nov 12, 2024
•
withdrawn
`CHECK`-failures in binary ops in Tensorflow
Moderate
CVE-2022-23583
was published
for
tensorflow
(pip)
Feb 10, 2022
CHECK-fail in SparseCross due to type confusion
Low
CVE-2021-29519
was published
for
tensorflow
(pip)
May 21, 2021
ChakraCore RCE Vulnerability
High
CVE-2016-7201
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
Type confusion if __private_get_type_id__ is overriden
Critical
CVE-2020-25575
was published
for
failure
(Rust)
Jun 16, 2022
eyre: Parts of Report are dropped as the wrong type during downcast
High
GHSA-4v52-7q2x-v4xj
was published
for
eyre
(Rust)
Apr 5, 2024
Wasmtime vulnerable to panic when using a dropped extenref-typed element segment
Low
CVE-2024-30266
was published
for
wasmtime
(Rust)
Apr 2, 2024
Vulnerable OpenSSL included in cryptography wheels
High
CVE-2023-0286
was published
for
cryptography
(pip)
Feb 8, 2023
Rust Failure Crate Vulnerable to Type confusion
Critical
CVE-2019-25010
was published
for
failure
(Rust)
Aug 25, 2021
ChakraCore RCE Vulnerability
High
CVE-2018-8384
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8298
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8291
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8229
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore RCE Vulnerability
High
CVE-2018-8133
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API