GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
385 advisories
Filter by severity
Segmentation faultin TensorFlow when converting a Python string to `tf.float16`
High
CVE-2020-5215
was published
for
tensorflow
(pip)
Jan 28, 2020
Malicious package may avoid detection in python auditing
Moderate
CVE-2020-5252
was published
for
safety
(pip)
Mar 24, 2020
Vyper interfaces returning integer types less than 256 bits can be manipulated if uint256 is used
Low
GHSA-mr6r-mvw4-736g
was published
for
vyper
(pip)
Mar 25, 2020
High severity vulnerability that affects indico
High
GHSA-67cx-rhhq-mfhq
was published
for
indico
(pip)
Oct 11, 2019
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request
Low
CVE-2020-15239
was published
for
xmpp-http-upload
(pip)
Oct 6, 2020
CSRF Vuln can expose user's QRcode
Low
GHSA-fxq4-r6mr-9x64
was published
for
Flask-Security-Too
(pip)
Apr 8, 2021
Arbitrary file deletion in NeMo ASR webapp
Low
GHSA-rpx7-33j2-xx9x
was published
for
nemo_toolkit
(pip)
Feb 15, 2022
Improper Validation of Integrity Check Value in TensorFlow
High
GHSA-43q8-3fv7-pr5x
was published
for
tensorflow
(pip)
Feb 9, 2022
NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlow
Critical
GHSA-h6gw-r52c-724r
was published
for
tensorflow
(pip)
Feb 9, 2022
XSS Vulnerability in Markdown Editor
High
GHSA-85q9-7467-r53q
was published
for
inventree
(pip)
Jun 17, 2022
Insufficient HTML Sanitization
High
GHSA-rm89-9g65-4ffr
was published
for
inventree
(pip)
Jun 17, 2022
SentinelOne impersonated via PyPI packages
High
GHSA-g86j-hwg9-77q5
was published
for
SentinelOne
(pip)
Dec 27, 2022
Open Redirect in Apache Superset
Moderate
CVE-2021-28125
was published
for
apache-superset
(pip)
Oct 6, 2021
rdiffweb vulnerable to Special Element Injection
Moderate
CVE-2022-4721
was published
for
rdiffweb
(pip)
Dec 27, 2022
Code injection in `saved_model_cli` in TensorFlow
High
CVE-2022-29216
was published
for
tensorflow
(pip)
May 24, 2022
Streamlit directory traversal vulnerability
Moderate
CVE-2022-35918
was published
for
streamlit
(pip)
Aug 6, 2022
rdiffweb Cross-Site Request Forgery vulnerability
Moderate
CVE-2022-3267
was published
for
rdiffweb
(pip)
Sep 23, 2022
Denial of Service in Tensorflow
Moderate
CVE-2020-15194
was published
for
tensorflow
(pip)
Sep 25, 2020
Data corruption in tensorflow-lite
High
CVE-2020-15208
was published
for
tensorflow
(pip)
Sep 25, 2020
Denial of Service in Tensorflow
Moderate
CVE-2020-15197
was published
for
tensorflow
(pip)
Sep 25, 2020
Privilege Escalation in Channelmgnt plug-in for Sopel
High
CVE-2020-15251
was published
for
sopel_plugins.channelmgnt
(pip)
Oct 13, 2020
ProTip!
Advisories are also available from the
GraphQL API