
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

385 advisories

Segmentation fault in TensorFlow when converting a Python string to `tf.float16` High
CVE-2020-5215 was published for tensorflow (pip) Jan 28, 2020
Malicious package may avoid detection in python auditing Moderate
CVE-2020-5252 was published for safety (pip) Mar 24, 2020
akoumjian G-Rath
Vyper interfaces returning integer types less than 256 bits can be manipulated if uint256 is used Low
GHSA-mr6r-mvw4-736g was published for vyper (pip) Mar 25, 2020
montyly
High severity vulnerability that affects indico High
GHSA-67cx-rhhq-mfhq was published for indico (pip) Oct 11, 2019
CSRF Vuln can expose user's QRcode Low
GHSA-fxq4-r6mr-9x64 was published for Flask-Security-Too (pip) Apr 8, 2021
Arbitrary file deletion in NeMo ASR webapp Low
GHSA-rpx7-33j2-xx9x was published for nemo_toolkit (pip) Feb 15, 2022
haby0
Improper Validation of Integrity Check Value in TensorFlow High
GHSA-43q8-3fv7-pr5x was published for tensorflow (pip) Feb 9, 2022
NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlow Critical
GHSA-h6gw-r52c-724r was published for tensorflow (pip) Feb 9, 2022
Malware in ctx Critical
GHSA-4g82-3jcr-q52w was published for ctx (pip) May 25, 2022
Embedded Malicious Code in ctx Critical
GHSA-67r3-h899-9w95 was published for ctx (pip) Jun 2, 2022
XSS Vulnerability in Markdown Editor High
GHSA-85q9-7467-r53q was published for inventree (pip) Jun 17, 2022
Gaurav-G2
Insufficient HTML Sanitization High
GHSA-rm89-9g65-4ffr was published for inventree (pip) Jun 17, 2022
saharshtapi
SentinelOne impersonated via PyPI packages High
GHSA-g86j-hwg9-77q5 was published for SentinelOne (pip) Dec 27, 2022
Unrestricted Attachment Upload High
CVE-2022-2111 was published for inventree (pip) Jun 17, 2022
saharshtapi
Open Redirect in Apache Superset Moderate
CVE-2021-28125 was published for apache-superset (pip) Oct 6, 2021
westonsteimel
rdiffweb vulnerable to Special Element Injection Moderate
CVE-2022-4721 was published for rdiffweb (pip) Dec 27, 2022
Code injection in `saved_model_cli` in TensorFlow High
CVE-2022-29216 was published for tensorflow (pip) May 24, 2022
Streamlit directory traversal vulnerability Moderate
CVE-2022-35918 was published for streamlit (pip) Aug 6, 2022
rdiffweb Cross-Site Request Forgery vulnerability Moderate
CVE-2022-3267 was published for rdiffweb (pip) Sep 23, 2022
Denial of Service in Tensorflow Moderate
CVE-2020-15194 was published for tensorflow (pip) Sep 25, 2020
Denial of Service in Tensorflow High
CVE-2020-15203 was published for tensorflow (pip) Sep 25, 2020
Data corruption in tensorflow-lite High
CVE-2020-15208 was published for tensorflow (pip) Sep 25, 2020
Denial of Service in Tensorflow Moderate
CVE-2020-15197 was published for tensorflow (pip) Sep 25, 2020
Privilege Escalation in Channelmgnt plug-in for Sopel High
CVE-2020-15251 was published for sopel_plugins.channelmgnt (pip) Oct 13, 2020
RhinosF1
ProTip! Advisories are also available from the GraphQL API