Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,433 advisories

Loading
Cross-site Scripting (XSS) - DOM in janeczku/calibre-web Moderate
CVE-2021-3988 was published for calibreweb (pip) Nov 15, 2024
Improper Access Control in janeczku/calibre-web Moderate
CVE-2021-3987 was published for calibreweb (pip) Nov 15, 2024
Generation of Error Message Containing Sensitive Information in janeczku/calibre-web Moderate
CVE-2021-3986 was published for calibreweb (pip) Nov 15, 2024
Missing ratelimit on passwrod resets in zenml Moderate
CVE-2024-4311 was published for zenml (pip) Nov 14, 2024
ReDoS in giskard's transformation.py (GHSL-2024-324) Moderate
CVE-2024-52524 was published for giskard (pip) Nov 14, 2024
kevinbackhouse
Salt preflight script could be attacker controlled Moderate
CVE-2023-34049 was published for salt (pip) Nov 14, 2024
OpenC3 stores passwords in clear text (`GHSL-2024-129`) Moderate
CVE-2024-47529 was published for @openc3/tool-common (RubyGems) Oct 2, 2024
p-
SQL injection in Tortoise ORM Moderate
CVE-2020-11010 was published for tortoise-orm (pip) Apr 20, 2020
Memory leak in Tensorflow Moderate
CVE-2022-23578 was published for tensorflow (pip) Feb 10, 2022
Null pointer dereference in TensorFlow Moderate
CVE-2022-23595 was published for tensorflow (pip) Feb 9, 2022
Memory exhaustion in Tensorflow Moderate
CVE-2022-21733 was published for tensorflow (pip) Feb 10, 2022
Memory exhaustion in Tensorflow Moderate
CVE-2022-21732 was published for tensorflow (pip) Feb 10, 2022
Division by zero in Tensorflow Moderate
CVE-2022-21725 was published for tensorflow (pip) Feb 10, 2022
Code injection in `saved_model_cli` Moderate
CVE-2021-41228 was published for tensorflow (pip) Nov 10, 2021
Arbitrary memory read in `ImmutableConst` Moderate
CVE-2021-41227 was published for tensorflow (pip) Nov 10, 2021
Heap OOB in `SparseBinCount` Moderate
CVE-2021-41226 was published for tensorflow (pip) Nov 10, 2021
A use of uninitialized value vulnerability in Tensorflow Moderate
CVE-2021-41225 was published for tensorflow (pip) Nov 10, 2021
`SparseFillEmptyRows` heap OOB Moderate
CVE-2021-41224 was published for tensorflow (pip) Nov 10, 2021
Heap OOB in `FusedBatchNorm` kernels Moderate
CVE-2021-41223 was published for tensorflow (pip) Nov 10, 2021
Segfault due to negative splits in `SplitV` Moderate
CVE-2021-41222 was published for tensorflow (pip) Nov 10, 2021
FPE in `ParallelConcat` Moderate
CVE-2021-41207 was published for tensorflow (pip) Nov 10, 2021
Heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops Moderate
CVE-2021-41205 was published for tensorflow (pip) Nov 10, 2021
Segfault while copying constant resource tensor Moderate
CVE-2021-41204 was published for tensorflow (pip) Nov 10, 2021
Overflow/crash in `tf.range` Moderate
CVE-2021-41202 was published for tensorflow (pip) Nov 10, 2021
Crash in `max_pool3d` when size argument is 0 or negative Moderate
CVE-2021-41196 was published for tensorflow (pip) Nov 10, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database