Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

9,039 advisories

Loading
Eclipse Jetty URI parsing of invalid authority Moderate
CVE-2024-6763 was published for org.eclipse.jetty:jetty-http (Maven) Oct 14, 2024
zer0yu
VM images built with Image Builder with some providers use default credentials during builds in github.com/kubernetes-sigs/image-builder Moderate
CVE-2024-9594 was published for github.com/kubernetes-sigs/image-builder (Go) Oct 15, 2024
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks Moderate
CVE-2024-8184 was published for org.eclipse.jetty:jetty-server (Maven) Oct 14, 2024
HRsGIT
Bonita cross-site scripting vulnerability Moderate
CVE-2024-27609 was published for org.bonitasoft.console:bonita-web-server (Maven) Apr 1, 2024
Hashicorp Consul Improper Neutralization of HTTP Headers for Scripting Syntax vulnerability Moderate
CVE-2024-10006 was published for github.com/hashicorp/consul (Go) Oct 31, 2024
Hashicorp Nomad Incorrect Authorization vulnerability Moderate
CVE-2024-10975 was published for github.com/hashicorp/nomad (Go) Nov 7, 2024
Denial of Service condition in Next.js image optimization Moderate
CVE-2024-47831 was published for next (npm) Oct 14, 2024
HTTP Client uses incorrect token after refresh Moderate
CVE-2024-51987 was published for Duende.AccessTokenManagement.OpenIdConnect (NuGet) Nov 7, 2024
natelaff
Null pointer dereference in Grappler's `IsConstant` Moderate
CVE-2022-23589 was published for tensorflow (pip) Feb 9, 2022
`CHECK`-fails due to attempting to build a reference tensor Moderate
CVE-2022-23588 was published for tensorflow (pip) Feb 9, 2022
Multiple `CHECK`-fails in `function.cc` in TensowFlow Moderate
CVE-2022-23586 was published for tensorflow (pip) Feb 9, 2022
Memory leak in decoding PNG images Moderate
CVE-2022-23585 was published for tensorflow (pip) Feb 9, 2022
`CHECK`-failures in `TensorByteSize` in Tensorflow Moderate
CVE-2022-23582 was published for tensorflow (pip) Feb 10, 2022
`CHECK`-failures in binary ops in Tensorflow Moderate
CVE-2022-23583 was published for tensorflow (pip) Feb 10, 2022
`CHECK`-failures during Grappler's `IsSimplifiableReshape` in Tensorflow Moderate
CVE-2022-23581 was published for tensorflow (pip) Feb 7, 2022
Abort caused by allocating a vector that is too large in Tensorflow Moderate
CVE-2022-23580 was published for tensorflow (pip) Feb 7, 2022
`CHECK`-failures during Grappler's `SafeToRemoveIdentity` in Tensorflow Moderate
CVE-2022-23579 was published for tensorflow (pip) Feb 10, 2022
FPE in convolutions with zero size filters Moderate
CVE-2021-41209 was published for tensorflow (pip) Nov 10, 2021
Deadlock in mutually recursive `tf.function` objects Moderate
CVE-2021-41213 was published for tensorflow (pip) Nov 10, 2021
Null pointer exception in `DeserializeSparse` Moderate
CVE-2021-41215 was published for tensorflow (pip) Nov 10, 2021
Heap buffer overflow in `Transpose` Moderate
CVE-2021-41216 was published for tensorflow (pip) Nov 10, 2021
Null pointer exception when `Exit` node is not preceded by `Enter` op Moderate
CVE-2021-41217 was published for tensorflow (pip) Nov 10, 2021
Integer division by 0 in `tf.raw_ops.AllToAll` Moderate
CVE-2021-41218 was published for tensorflow (pip) Nov 10, 2021
Overflow/crash in `tf.image.resize` when size is large Moderate
CVE-2021-41199 was published for tensorflow (pip) Nov 10, 2021
JSON-lib mishandles an unbalanced comment string Moderate
CVE-2024-47855 was published for org.kordamp.json:json-lib-core (Maven) Oct 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database