GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

159 advisories

Segmentation fault in TensorFlow when converting a Python string to `tf.float16` High
CVE-2020-5215 was published for tensorflow (pip) Jan 28, 2020
High severity vulnerability that affects indico High
GHSA-67cx-rhhq-mfhq was published for indico (pip) Oct 11, 2019
Improper Validation of Integrity Check Value in TensorFlow High
GHSA-43q8-3fv7-pr5x was published for tensorflow (pip) Feb 9, 2022
XSS Vulnerability in Markdown Editor High
GHSA-85q9-7467-r53q was published for inventree (pip) Jun 17, 2022
Gaurav-G2
Insufficient HTML Sanitization High
GHSA-rm89-9g65-4ffr was published for inventree (pip) Jun 17, 2022
saharshtapi
SentinelOne impersonated via PyPI packages High
GHSA-g86j-hwg9-77q5 was published for SentinelOne (pip) Dec 27, 2022
Unrestricted Attachment Upload High
CVE-2022-2111 was published for inventree (pip) Jun 17, 2022
saharshtapi
Code injection in `saved_model_cli` in TensorFlow High
CVE-2022-29216 was published for tensorflow (pip) May 24, 2022
Denial of Service in Tensorflow High
CVE-2020-15203 was published for tensorflow (pip) Sep 25, 2020
Data corruption in tensorflow-lite High
CVE-2020-15208 was published for tensorflow (pip) Sep 25, 2020
Privilege Escalation in Channelmgnt plug-in for Sopel High
CVE-2020-15251 was published for sopel_plugins.channelmgnt (pip) Oct 13, 2020
RhinosF1
Command injection in Yamale High
CVE-2021-38305 was published for yamale (pip) Aug 11, 2021
Poetry vulnerable to Untrusted Search Path leading to Local Code Execution on Windows High
CVE-2022-36070 was published for poetry (pip) Oct 11, 2022
paul-gerste-sonarsource
Unrestricted Upload of File with Dangerous Type in motionEye High
CVE-2021-44255 was published for motioneye (pip) Feb 1, 2022
Out of bounds write in Tensorflow High
CVE-2022-23566 was published for tensorflow (pip) Feb 9, 2022
Integer overflow in TFLite High
CVE-2022-23559 was published for tensorflow (pip) Feb 9, 2022
Integer overflow in TensorFlow High
CVE-2022-23587 was published for tensorflow (pip) Feb 9, 2022
Use after free in `DecodePng` kernel High
CVE-2022-23584 was published for tensorflow (pip) Feb 9, 2022
py vulnerable to Regular Expression Denial of Service High
CVE-2020-29651 was published for py (pip) Apr 20, 2021
Apache Spark UI can allow impersonation if ACLs enabled High
CVE-2022-33891 was published for org.apache.spark:spark-parent_2.12 (Maven) Jul 19, 2022
Twisted SSH client and server deny of service during SSH handshake. High
CVE-2022-21716 was published for twisted (pip) Mar 3, 2022
Idan-D vin01
Cheetah Path Search Order Hijacking High
CVE-2005-1632 was published for cheetah (pip) May 1, 2022
Path traversal in binwalk High
CVE-2022-4510 was published for binwalk (pip) Jan 26, 2023
qkaiser
Matrix Synapse DoS High
CVE-2018-10657 was published for matrix-synapse (pip) May 14, 2022