Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

59 advisories

Loading
Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT Critical
CVE-2019-17195 was published for com.nimbusds:nimbus-jose-jwt (Maven) Oct 16, 2019
Segmentation faultin TensorFlow when converting a Python string to `tf.float16` Low
CVE-2020-5215 was published for tensorflow (pip) Jan 28, 2020
Potential buffer overflow in psd-tools Critical
CVE-2020-10571 was published for psd-tools (pip) Mar 16, 2020
Integer truncation in Shard API usage High
CVE-2020-15202 was published for tensorflow (pip) Sep 25, 2020
Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11 Low
GHSA-3h5r-928v-mxhh was published for com.vaadin:vaadin-bom (Maven) Apr 19, 2021
Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11 Low
CVE-2018-25007 was published for com.vaadin:flow-server (Maven) Apr 19, 2021
CHECK-fail in tf.raw_ops.EncodePng Low
CVE-2021-29531 was published for tensorflow (pip) May 21, 2021
CHECK-fail in DrawBoundingBoxes Low
CVE-2021-29533 was published for tensorflow (pip) May 21, 2021
CHECK-fail in SparseConcat Low
CVE-2021-29534 was published for tensorflow (pip) May 21, 2021
CHECK-fail in `QuantizeAndDequantizeV4Grad` Low
CVE-2021-29544 was published for tensorflow (pip) May 21, 2021
Ory fosite contains Improper Handling of Exceptional Conditions High
CVE-2020-15223 was published for github.com/ory/fosite (Go) May 24, 2021
jclebreton
Improper Check for Unusual or Exceptional Conditions in json-smart Moderate
CVE-2021-27568 was published for net.minidev:json-smart (Maven) Jun 16, 2021
afdesk
Unauthorized property update in CheckboxGroup component in Vaadin 12-14 and 15-20 Moderate
CVE-2021-33605 was published for com.vaadin:vaadin-checkbox-flow (Maven) Aug 30, 2021
tdunlap607
Incorrect handling of H2 GOAWAY + SETTINGS frames High
CVE-2021-39162 was published for github.com/pomerium/pomerium (Go) Sep 10, 2021
Denial of Service (DoS) in mongo-express Moderate
CVE-2021-23372 was published for mongo-express (npm) Oct 6, 2021
Authz Module Non-Determinism Moderate
CVE-2021-41135 was published for github.com/cosmos/cosmos-sdk (Go) Oct 21, 2021
robert-zaremba iramiller
Uncaught Exception in mercurius High
CVE-2021-43801 was published for mercurius (npm) Dec 13, 2021
Uncaught Exception in engine.io High
CVE-2022-21676 was published for engine.io (npm) Jan 13, 2022
marwej
Crash when type cannot be specialized in Tensorflow High
CVE-2022-23572 was published for tensorflow (pip) Feb 9, 2022
Crash due to erroneous `StatusOr` in TensorFlow Moderate
CVE-2022-23590 was published for tensorflow (pip) Feb 9, 2022
Segfault in `simplifyBroadcast` in Tensorflow High
CVE-2022-23593 was published for tensorflow (pip) Feb 9, 2022
Assertion failure based denial of service in Tensorflow High
CVE-2022-21737 was published for tensorflow (pip) Feb 9, 2022
Type confusion leading to segfault in Tensorflow High
CVE-2022-21731 was published for tensorflow (pip) Feb 10, 2022
Incomplete validation in `SparseSparseMinimum` Moderate
CVE-2021-29607 was published for tensorflow (pip) Mar 18, 2022
Potential Captcha Validate Bypass in flask-session-captcha Moderate
CVE-2022-24880 was published for flask-session-captcha (pip) Apr 26, 2022
GuillaumeGomez
ProTip! Advisories are also available from the GraphQL API