GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
64 advisories
Filter by severity
zebrad vulnerable to full node denial of service via crafted Sapling receiver in z_listunifiedreceivers
Moderate
GHSA-c8w6-x74f-vmg3
was published
for
zebra-rpc
(Rust)
Jul 2, 2026
OpenBao: Transit secrets engine crashes on key creation with `derived: true` for asymmetric key types
Moderate
CVE-2026-55776
was published
for
github.com/openbao/openbao
(Go)
Jun 19, 2026
nimiq-blockchain: Genesis batch set request
Moderate
CVE-2026-46543
was published
for
nimiq-blockchain
(Rust)
May 21, 2026
nimiq-keys: Denial of service in Ed25519 multisig delinearization via invalid curve points
Moderate
CVE-2026-46542
was published
for
nimiq-keys
(Rust)
May 21, 2026
nimiq-blockchain: Peer-triggerable panic during history sync
Moderate
CVE-2026-34066
was published
for
nimiq-blockchain
(Rust)
Apr 22, 2026
Zebra Vulnerable to Denial of Service via Interrupted JSON-RPC Requests from Authenticated Clients
Moderate
CVE-2026-41585
was published
for
zebra-rpc
(Rust)
Apr 18, 2026
nimiq-consensus panics via RequestMacroChain micro-block locator
Moderate
CVE-2026-34069
was published
for
nimiq-consensus
(Rust)
Apr 13, 2026
CocoaMQTT: Denial of Service via Reachable Assertion in `PUBLISH` Packet Parsing
Moderate
CVE-2026-30867
was published
for
CocoaMQTT
(Swift)
Apr 3, 2026
psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps
Moderate
CVE-2026-27809
was published
for
psd-tools
(pip)
Feb 26, 2026
go-tuf affected by client DoS via malformed server response
Moderate
CVE-2026-23991
was published
for
github.com/theupdateframework/go-tuf/v2
(Go)
Jan 21, 2026
Free5GC is vulnerable to DoS through its Npcf_BDTPolicyControl POST API
Moderate
CVE-2025-60632
was published
for
github.com/free5gc/pcf
(Go)
Nov 24, 2025
wasmtime has a runtime crash when combining tail calls with trapping imports
Moderate
CVE-2024-47763
was published
for
wasmtime
(Rust)
Oct 9, 2024
cordova-plugin-fingerprint-aio DoS vulnerability
Moderate
CVE-2021-43849
was published
for
cordova-plugin-fingerprint-aio
(npm)
Nov 2, 2023
malformed proposed intoto entries can cause a panic
Moderate
CVE-2023-33199
was published
for
github.com/sigstore/rekor
(Go)
May 26, 2023
`CHECK_EQ` fail via input in `SparseMatrixNNZ`
Moderate
CVE-2022-41901
was published
for
tensorflow
(pip)
Nov 21, 2022
`CHECK` fail via inputs in `SdcaOptimizer`
Moderate
CVE-2022-41899
was published
for
tensorflow
(pip)
Nov 21, 2022
`CHECK_EQ` fail in `tf.raw_ops.TensorListResize`
Moderate
CVE-2022-41893
was published
for
tensorflow
(pip)
Nov 21, 2022
TensorFlow vulnerable to `CHECK` fail in `Save` and `SaveSlices`
Moderate
CVE-2022-35983
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `ParameterizedTruncatedNormal`
Moderate
CVE-2022-35984
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `LRNGrad`
Moderate
CVE-2022-35985
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `tf.linalg.matrix_rank`
Moderate
CVE-2022-35988
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `MaxPool`
Moderate
CVE-2022-35989
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `FractionalMaxPoolGrad`
Moderate
CVE-2022-35981
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVars`
Moderate
CVE-2022-35971
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `AvgPoolGrad`
Moderate
CVE-2022-35968
was published
for
tensorflow
(pip)
Sep 16, 2022
ProTip!
Advisories are also available from the
GraphQL API