Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,815
Erlang
36
GitHub Actions
32
Go
2,399
Maven
5,000+
npm
4,040
NuGet
723
pip
3,830
Pub
12
RubyGems
933
Rust
1,002
Swift
38
Unreviewed advisories
All unreviewed
5,000+

23,318 advisories

Loading
Denial of Service via stack overflow Low
CVE-2022-40155 was published for com.fasterxml.woodstox:woodstox-core (Maven) Sep 17, 2022 withdrawn
Denial of Service due to parser crash High
CVE-2022-40153 was published for com.fasterxml.woodstox:woodstox-core (Maven) Sep 17, 2022 withdrawn
Duplicate Advisory: Denial of Service due to parser crash Low
GHSA-3mq5-fq9h-gj7j was published for com.thoughtworks.xstream:xstream (Maven) Sep 17, 2022 withdrawn
wilx kurt-r2c
Denial of Service due to parser crash Moderate
CVE-2022-40152 was published for com.fasterxml.woodstox:woodstox-core (Maven) Sep 17, 2022
Tsuesun furti
Craft CMS Stored Cross-site Scripting in User Addresses Title Moderate
CVE-2022-37250 was published for craftcms/cms (Composer) Sep 17, 2022
brandonkelly
Craft CMS Cross site Scripting vulnerability Moderate
CVE-2022-37248 was published for craftcms/cms (Composer) Sep 17, 2022
brandonkelly
Budibase Improper Access Control vulnerability Moderate
CVE-2022-3225 was published for @budibase/bbui (npm) Sep 17, 2022
Craft CMS vulnerable to Cross-site Scripting via entry revisions and drafts Moderate
CVE-2022-37251 was published for craftcms/cms (Composer) Sep 17, 2022
brandonkelly
Craft CMS vulnerable to stored Cross-site Scripting via /admin/settings/fields page Moderate
CVE-2022-37247 was published for craftcms/cms (Composer) Sep 17, 2022
steal vulnerable to Prototype Pollution Critical
CVE-2022-37258 was published for steal (npm) Sep 17, 2022
TensorFlow vulnerable to `CHECK` fail in `Save` and `SaveSlices` Moderate
CVE-2022-35983 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `ParameterizedTruncatedNormal` Moderate
CVE-2022-35984 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `LRNGrad` Moderate
CVE-2022-35985 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `RaggedBincount` Moderate
CVE-2022-35986 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `tf.linalg.matrix_rank` Moderate
CVE-2022-35988 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `MaxPool` Moderate
CVE-2022-35989 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `SparseBincount` Moderate
CVE-2022-35982 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `FractionalMaxPoolGrad` Moderate
CVE-2022-35981 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedRelu` and `QuantizedRelu6` Moderate
CVE-2022-35979 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizeDownAndShrinkRange` Moderate
CVE-2022-35974 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedMatMul` Moderate
CVE-2022-35973 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedBiasAdd` Moderate
CVE-2022-35972 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVars` Moderate
CVE-2022-35971 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedInstanceNorm` Moderate
CVE-2022-35970 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `Conv2DBackpropInput` Moderate
CVE-2022-35969 was published for tensorflow (pip) Sep 16, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database