Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

74 advisories

Loading
wasmtime has a runtime crash when combining tail calls with trapping imports Moderate
CVE-2024-47763 was published for wasmtime (Rust) Oct 9, 2024
alexcrichton fitzgen
vLLM denial of service vulnerability High
CVE-2024-8768 was published for vllm (pip) Sep 17, 2024
Denial of Service via reachable assertion High
CVE-2022-24777 was published for github.com/grpc/grpc-swift (Swift) Jun 9, 2023
xml-rs vulnerable to denial of service via invalid token in XML document High
CVE-2023-34411 was published for xml-rs (Rust) Jun 5, 2023
00xc
Incorrect implementation in streebog High
CVE-2019-25007 was published for streebog (Rust) Aug 25, 2021
gRPC Reachable Assertion issue High
CVE-2023-1428 was published for grpc (RubyGems) Jul 6, 2023
jonasfj
malformed proposed intoto entries can cause a panic Moderate
CVE-2023-33199 was published for github.com/sigstore/rekor (Go) May 26, 2023
cordova-plugin-fingerprint-aio DoS vulnerability Moderate
CVE-2021-43849 was published for cordova-plugin-fingerprint-aio (npm) Nov 2, 2023
0xWise64
Incomplete validation in signal ops leads to crashes in TensorFlow Moderate
CVE-2022-29213 was published for tensorflow (pip) May 24, 2022
`CHECK`-failures in binary ops in Tensorflow Moderate
CVE-2022-23583 was published for tensorflow (pip) Feb 10, 2022
Crash when type cannot be specialized in Tensorflow Moderate
CVE-2022-23572 was published for tensorflow (pip) Feb 9, 2022
`CHECK_EQ` fail via input in `SparseMatrixNNZ` Moderate
CVE-2022-41901 was published for tensorflow (pip) Nov 21, 2022
`CHECK` fail via inputs in `SdcaOptimizer` Moderate
CVE-2022-41899 was published for tensorflow (pip) Nov 21, 2022
Multiple `CHECK`-fails in `function.cc` in TensowFlow Moderate
CVE-2022-23586 was published for tensorflow (pip) Feb 9, 2022
`CHECK`-failures in `TensorByteSize` in Tensorflow Moderate
CVE-2022-23582 was published for tensorflow (pip) Feb 10, 2022
`CHECK`-fails due to attempting to build a reference tensor Moderate
CVE-2022-23588 was published for tensorflow (pip) Feb 9, 2022
`CHECK`-fails when building invalid tensor shapes in Tensorflow Moderate
CVE-2022-23569 was published for tensorflow (pip) Feb 9, 2022
`CHECK`-failures in Tensorflow Moderate
CVE-2022-23565 was published for tensorflow (pip) Feb 9, 2022
Reachable Assertion in Tensorflow Moderate
CVE-2022-23564 was published for tensorflow (pip) Feb 9, 2022
`CHECK`-failures in Tensorflow Moderate
CVE-2022-21734 was published for tensorflow (pip) Feb 10, 2022
Reachable Assertion in Tensorflow Moderate
CVE-2022-23571 was published for tensorflow (pip) Feb 9, 2022
`CHECK`-failures during Grappler's `IsSimplifiableReshape` in Tensorflow Moderate
CVE-2022-23581 was published for tensorflow (pip) Feb 7, 2022
`CHECK`-failures during Grappler's `SafeToRemoveIdentity` in Tensorflow Moderate
CVE-2022-23579 was published for tensorflow (pip) Feb 10, 2022
Assertion failure based denial of service in Tensorflow Moderate
CVE-2022-21737 was published for tensorflow (pip) Feb 9, 2022
shiyanhui/dht vulnerable to Uncontrolled Resource Consumption High
CVE-2020-36562 was published for github.com/shiyanhui/dht (Go) Dec 28, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database