Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,516 advisories

Loading
Flask-Security vulnerable to Open Redirect Moderate
CVE-2021-23385 was published for Flask-Security (pip) Oct 7, 2022
Deserialization of Untrusted Data in Beaker Moderate
CVE-2013-7489 was published for Beaker (pip) May 5, 2022
LIEF vulnerable to heap based buffer overflow Moderate
CVE-2022-38306 was published for lief (pip) Sep 14, 2022
TensorFlow vulnerable to `CHECK` fail in `RaggedTensorToVariant` Moderate
CVE-2022-36018 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to null dereference on MLIR on empty function attributes Moderate
CVE-2022-36000 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` failure in tf.reshape via overflows Moderate
CVE-2022-35934 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `Requantize` Moderate
CVE-2022-36017 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to assertion fail on MLIR empty edge names Moderate
CVE-2022-36012 was published for tensorflow (pip) Sep 16, 2022
Plaintext storage of tokens in pulp_ansible Moderate
CVE-2022-3644 was published for pulp-ansible (pip) Oct 25, 2022
Segfault if `tf.histogram_fixed_width` is called with NaN values in TensorFlow Moderate
CVE-2022-29211 was published for tensorflow (pip) May 24, 2022
Core dump when loading TFLite models with quantization in TensorFlow Moderate
CVE-2022-29212 was published for tensorflow (pip) May 24, 2022
Type confusion leading to `CHECK`-failure based denial of service in TensorFlow Moderate
CVE-2022-29209 was published for tensorflow (pip) May 24, 2022
Streamlit directory traversal vulnerability Moderate
CVE-2022-35918 was published for streamlit (pip) Aug 6, 2022
tkvideo has a memory issue in playing videos Moderate
CVE-2022-24902 was published for tkvideoplayer (pip) May 3, 2022
Path Traversal in scout-browser Moderate
CVE-2022-1554 was published for scout-browser (pip) May 4, 2022
Heap overflow in `QuantizeAndDequantizeV2` Moderate
CVE-2022-41910 was published for tensorflow (pip) Nov 21, 2022
Overflow in `ResizeNearestNeighborGrad` Moderate
CVE-2022-41907 was published for tensorflow (pip) Nov 21, 2022
Tensorflow vulnerable to Out-of-Bounds Read Moderate
CVE-2022-41880 was published for tensorflow (pip) Nov 22, 2022
`CHECK` fail via inputs in `PyFunc` Moderate
CVE-2022-41908 was published for tensorflow (pip) Nov 21, 2022
Seg fault in `ndarray_tensor_bridge` due to zero and large inputs Moderate
CVE-2022-41884 was published for tensorflow (pip) Nov 21, 2022
Out of bounds segmentation fault due to unequal op inputs in Tensorflow Moderate
CVE-2022-41883 was published for tensorflow (pip) Nov 21, 2022
Segfault in `tf.raw_ops.TensorListConcat` Moderate
CVE-2022-41891 was published for tensorflow (pip) Nov 21, 2022
Invalid char to bool conversion when printing a tensor Moderate
CVE-2022-41911 was published for tensorflow (pip) Nov 21, 2022
`FractionalMaxPoolGrad` Heap out of bounds read Moderate
CVE-2022-41897 was published for tensorflow (pip) Nov 21, 2022
Overflow in `FusedResizeAndPadConv2D` Moderate
CVE-2022-41885 was published for tensorflow (pip) Nov 21, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database