GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
53 advisories
Reference binding to nullptr in boosted trees
Moderate • CVE-2021-37662 was published for tensorflow (pip) on Aug 25, 2021

Reference binding to nullptr in `MatrixSetDiagV*` ops
Moderate • CVE-2021-37658 was published for tensorflow (pip) on Aug 25, 2021

Reference binding to nullptr in `MatrixDiagV*` ops
Moderate • CVE-2021-37657 was published for tensorflow (pip) on Aug 25, 2021

Reference binding to nullptr in `RaggedTensorToSparse`
Moderate • CVE-2021-37656 was published for tensorflow (pip) on Aug 25, 2021

Assumed memory layout of std::net::SocketAddr
Moderate • GHSA-p5w9-856p-8q4g was published for socket2 (Rust) on Aug 25, 2021 • withdrawn

Segfault while copying constant resource tensor
Moderate • CVE-2021-41204 was published for tensorflow (pip) on Nov 10, 2021

Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021...
Moderate • Unreviewed • CVE-2022-21156 was published on Feb 11, 2022

Invalid drop of partially-initialized instances in the pooling instance allocator for modules with defined `externref` globals
Moderate • CVE-2022-23636 was published for wasmtime (Rust) on Feb 16, 2022

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior...
Moderate • Unreviewed • CVE-2021-3608 was published on Feb 25, 2022

A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input...
Moderate • Unreviewed • CVE-2022-1122 was published on Mar 30, 2022

The affected product is vulnerable due to an invalid pointer initialization, which may lead to...
Moderate • Unreviewed • CVE-2022-21168 was published on Apr 13, 2022

ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when...
Moderate • Unreviewed • CVE-2003-1201 was published on Apr 29, 2022

EnterpriseDB Advanced Server 8.2 does not properly handle certain debugging function calls that...
Moderate • Unreviewed • CVE-2007-4639 was published on May 1, 2022

CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service ...
Moderate • Unreviewed • CVE-2007-4682 was published on May 1, 2022

lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA...
Moderate • Unreviewed • CVE-2009-1415 was published on May 2, 2022

The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1...
Moderate • Unreviewed • CVE-2009-1721 was published on May 2, 2022

In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities...
Moderate • Unreviewed • CVE-2018-7515 was published on May 13, 2022

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1...
Moderate • Unreviewed • CVE-2018-0894 was published on May 13, 2022

Google Chrome before 12.0.742.91 attempts to read data from an uninitialized pointer, which...
Moderate • Unreviewed • CVE-2011-1814 was published on May 13, 2022

Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do...
Moderate • Unreviewed • CVE-2014-1564 was published on May 14, 2022

In the MDSS driver in all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from...
Moderate • Unreviewed • CVE-2018-5860 was published on May 14, 2022

Inkscape version 0.19 can access an uninitialized pointer, which may allow an attacker to have...
Moderate • Unreviewed • CVE-2021-42702 was published on May 19, 2022

WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a ...
Moderate • Unreviewed • CVE-2019-11498 was published on May 24, 2022

An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been...
Moderate • Unreviewed • CVE-2020-9274 was published on May 24, 2022

In updatehub_probe, right after JSON parsing is complete, objects[1] is accessed from the output...
Moderate • Unreviewed • CVE-2020-10060 was published on May 24, 2022