GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,213 advisories

changedetection.io path traversal using file URI scheme without supplying hostname High
CVE-2024-51998 was published for changedetection.io (pip) Nov 7, 2024
Integer overflow in TensorFlow High
CVE-2022-23587 was published for tensorflow (pip) Feb 9, 2022
Use after free in `DecodePng` kernel High
CVE-2022-23584 was published for tensorflow (pip) Feb 9, 2022
Heap OOB read in `tf.raw_ops.SparseCountSparseOutput` High
CVE-2021-41210 was published for tensorflow (pip) Nov 10, 2021
Heap OOB in shape inference for `QuantizeV2` High
CVE-2021-41211 was published for tensorflow (pip) Nov 10, 2021
Heap OOB read in `tf.ragged.cross` High
CVE-2021-41212 was published for tensorflow (pip) Nov 10, 2021
Reference binding to `nullptr` in `tf.ragged.cross` High
CVE-2021-41214 was published for tensorflow (pip) Nov 10, 2021
Undefined behavior via `nullptr` reference binding in sparse matrix multiplication High
CVE-2021-41219 was published for tensorflow (pip) Nov 10, 2021
Use after free / memory leak in `CollectiveReduceV2` High
CVE-2021-41220 was published for tensorflow (pip) Nov 10, 2021
Access to invalid memory during shape inference in `Cudnn*` ops High
CVE-2021-41221 was published for tensorflow (pip) Nov 10, 2021
AgentScope uses `eval` High
CVE-2024-48050 was published for agentscope (pip) Nov 5, 2024
SaltStack Privilege Escalation vulnerability High
CVE-2013-6617 was published for salt (pip) May 17, 2022
Authentication bypass in dtale High
CVE-2024-3408 was published for dtale (pip) Jun 6, 2024
Arbitrary file deletion in litellm High
CVE-2024-4888 was published for litellm (pip) Jun 6, 2024
langflow has vulnerability in PythonCodeTool component High
CVE-2024-42835 was published for langflow (pip) Oct 31, 2024
Stack overflow due to looping TFLite subgraph High
CVE-2021-29591 was published for tensorflow (pip) May 21, 2021
OpenC3 Path Traversal via screen controller (`GHSL-2024-127`) High
CVE-2024-46977 was published for openc3 (RubyGems) Oct 2, 2024
OpenStack Cinder, Glance, and Nova vulnerable to arbitrary file access High
CVE-2024-32498 was published for cinder (pip) Jul 5, 2024
ebookmeta XML External Entity vulnerability High
CVE-2024-37388 was published for ebookmeta (pip) Jun 7, 2024
TensorFlow vulnerable to heap out of bounds read in filesystem glob matching High
CVE-2020-26269 was published for tensorflow (pip) Oct 7, 2022
Segfault in `tf.quantization.quantize_and_dequantize` High
CVE-2020-15265 was published for tensorflow (pip) Nov 13, 2020
Data corruption in tensorflow-lite High
CVE-2020-15208 was published for tensorflow (pip) Sep 25, 2020
Waitress vulnerable to DoS leading to high CPU usage/resource exhaustion High
CVE-2024-49769 was published for waitress (pip) Oct 29, 2024
Duplicate Advisory: pyload-ng vulnerable to RCE with js2py sandbox escape High
GHSA-25pw-q952-x37g was published for pyload-ng (pip) Oct 28, 2024 withdrawn
Denial of Service in Tensorflow High
CVE-2020-15203 was published for tensorflow (pip) Sep 25, 2020