Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,516 advisories

Loading
`CHECK` failure in depthwise ops via overflows Moderate
GHSA-mw6j-hh29-h379 was published for tensorflow (pip) May 25, 2022
dompurify vulnerable to Cross-site Scripting Moderate
GHSA-pgjv-jrg2-gq3v was published for dompurify (pip) Jan 11, 2023
dompurify vulnerable to Cross-site Scripting Moderate
GHSA-h6p3-p4vx-wr8q was published for dompurify (pip) Jan 11, 2023
Formula Injection in Exported Data Moderate
GHSA-7rq4-qcpw-74gq was published for inventree (pip) Jun 17, 2022
saharshtapi
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pycares Moderate
GHSA-c58j-88f5-h53f was published for pycares (pip) Jul 5, 2022
Twisted vulnerable to HTTP Request Smuggling Attacks Moderate
GHSA-8r99-h8j2-rw64 was published for twisted (pip) Oct 7, 2022
Improper Input Validation in pyload-ng Moderate
CVE-2023-0434 was published for pyload-ng (pip) Jan 22, 2023
Apache Superset is vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2022-43718 was published for apache-superset (pip) Jan 16, 2023
Apache Superset vulnerable to Cross-site Scripting Moderate
CVE-2022-43717 was published for apache-superset (pip) Jan 16, 2023
Apache Superset's SQL Alchemy connector vulnerable to SQL Injection Moderate
CVE-2022-41703 was published for apache-superset (pip) Jan 16, 2023
Apache Superset vulnerable to Injection Moderate
CVE-2022-43720 was published for apache-superset (pip) Jan 16, 2023
Apache Superset Open Redirect vulnerability Moderate
CVE-2022-43721 was published for apache-superset (pip) Jan 16, 2023
Apache Superset has Improper Access Control Moderate
CVE-2022-45438 was published for apache-superset (pip) Jan 16, 2023
SQL Injection in FreeTAKServer-UI Moderate
CVE-2022-25506 was published for FreeTAKServer-UI (pip) Mar 12, 2022
Path traversal in FreeTAKServer-UI Moderate
CVE-2022-25511 was published for FreeTAKServer-UI (pip) Mar 12, 2022
Cross-site Scripting in FreeTAKServer-UI Moderate
CVE-2022-25507 was published for FreeTAKServer-UI (pip) Mar 12, 2022
XML External Entities Vulnerability in CVRF-CSAF-Converter Moderate
CVE-2022-27193 was published for cvrf2csaf (pip) Mar 16, 2022
Insertion of Sensitive Information into Log File in ansible Moderate
CVE-2021-20180 was published for ansible (pip) Mar 17, 2022
LunaBorowska
Open Redirect in Flask-AppBuilder Moderate
CVE-2022-24776 was published for Flask-AppBuilder (pip) Mar 25, 2022
Missing validation causes `TensorSummaryV2` to crash Moderate
CVE-2022-29193 was published for tensorflow (pip) May 24, 2022
Regular expression denial of service in url_regex Moderate
CVE-2022-21195 was published for url_regex (pip) May 21, 2022
Missing validation causes denial of service via `StagePeek` Moderate
CVE-2022-29195 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `LoadAndRemapMatrix` Moderate
CVE-2022-29199 was published for tensorflow (pip) May 24, 2022
Missing validation results in undefined behavior in `SparseTensorDenseAdd Moderate
CVE-2022-29206 was published for tensorflow (pip) May 24, 2022
Undefined behavior when users supply invalid resource handles Moderate
CVE-2022-29207 was published for tensorflow (pip) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database