GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
15 advisories
Segfault in tf.raw_ops.ImmutableConst
Low: CVE-2021-29539 was published for tensorflow (pip), May 21, 2021

Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow
Low: CVE-2019-16778 was published for tensorflow (pip), Dec 16, 2019

Potential DoS with NumberFilter conversion to integer values.
High: CVE-2020-15225 was published for django-filter (pip), Sep 28, 2020

Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets
High: CVE-2022-34169 was published for xalan:xalan (Maven), Jul 20, 2022

vyper's range(start, start + N) reverts for negative numbers
Moderate: CVE-2024-32481 was published for vyper (pip), Apr 25, 2024

Okio Signed to Unsigned Conversion Error vulnerability
Moderate: CVE-2023-3635 was published for com.squareup.okio:okio (Maven), Jul 12, 2023

Overflow/crash in `tf.range`
Moderate: CVE-2021-41202 was published for tensorflow (pip), Nov 10, 2021

Crash in NMS ops caused by integer conversion to unsigned
Moderate: CVE-2021-37669 was published for tensorflow (pip), Aug 25, 2021

Crash caused by integer conversion to unsigned
Moderate: CVE-2021-37661 was published for tensorflow (pip), Aug 25, 2021

Heap OOB in nested `tf.map_fn` with `RaggedTensor`s
High: CVE-2021-37679 was published for tensorflow (pip), Aug 25, 2021

Bad alloc in `StringNGrams` caused by integer conversion
Moderate: CVE-2021-37646 was published for tensorflow (pip), Aug 25, 2021

Integer overflow due to conversion to unsigned
Moderate: CVE-2021-37645 was published for tensorflow (pip), Aug 25, 2021

Besu VM vulnerable to gas allocation error in CALL operations
Critical: CVE-2022-36025 was published for org.hyperledger.besu:evm (Maven), Sep 23, 2022

Signed to Unsigned Conversion Error in Facebook Hermes
High: CVE-2020-1913 was published for hermes-engine (npm), May 24, 2022

ProTip! Advisories are also available from the GraphQL API.