Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
52
Go
3,975
Maven
5,000+
npm
5,000+
NuGet
973
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,387
Swift
56
Unreviewed advisories
All unreviewed
5,000+

7 advisories

Loading
Quick-Media Batik Codec FIX Package has Buffer Overflow Vulnerability in PNG Codec Moderate
CVE-2026-24807 was published for com.github.liuyueyi.media:batik-codec-fix (Maven) Jan 27, 2026
hutool Buffer Overflow vulnerability Critical
CVE-2023-42276 was published for cn.hutool:hutool-core (Maven) Sep 9, 2023
hutool Buffer Overflow vulnerability Critical
CVE-2023-42277 was published for cn.hutool:hutool-core (Maven) Sep 9, 2023
hutool Buffer Overflow vulnerability High
CVE-2023-42278 was published for cn.hutool:hutool-core (Maven) Sep 9, 2023
mattberry3 Credited to mattberry3
XStream can cause Denial of Service via stack overflow High
CVE-2022-41966 was published for com.thoughtworks.xstream:xstream (Maven) Dec 29, 2022
Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2 Critical
CVE-2021-37404 was published for org.apache.hadoop:hadoop-common (Maven) Jun 14, 2022
Buffer overflow in Jenkins WMI Windows Agents plugin Moderate
CVE-2022-30950 was published for org.jenkins-ci.plugins:windows-slaves (Maven) May 18, 2022
NotMyFault Credited to NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database