Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,801
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,010
NuGet
720
pip
3,810
Pub
12
RubyGems
930
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,810 advisories

Loading
Open redirect in web2py Moderate
CVE-2022-33146 was published for web2py (pip) Jun 28, 2022
ChainerRL Visualizer 0.1.1 vulnerable to Path Traversal via unsafe use of send_file function Critical
CVE-2022-31573 was published for chainerrl-visualizer (pip) Jul 12, 2022
Incorrect Comparison in NumPy Moderate
CVE-2021-34141 was published for numpy (pip) Dec 18, 2021
Sony Neural Network Libraries reliance on untrusted inputs prior to v1.0.10 Critical
CVE-2019-10844 was published for nnabla (pip) May 13, 2022
westonsteimel
Open Redirect in Apache Superset Moderate
CVE-2021-28125 was published for apache-superset (pip) Oct 6, 2021
westonsteimel
Numpy missing input validation High
CVE-2017-12852 was published for numpy (pip) May 13, 2022
jhutchings1
Dynamic modification of RPyC service due to missing security check High
CVE-2019-16328 was published for rpyc (pip) Feb 17, 2021
comrumino
Regular expression denial of service in eth-account Moderate
CVE-2022-1930 was published for eth-account (pip) Aug 23, 2022
Apache Airflow Hive Provider vulnerable to Command Injection Critical
CVE-2022-46421 was published for apache-airflow-providers-apache-hive (pip) Dec 20, 2022
Path Traversal in nemo-toolkit Moderate
CVE-2022-22821 was published for nemo-toolkit (pip) Jan 11, 2022
Maltego incorrectly shares a MISP connection across users in a remote-transform use case Critical
CVE-2020-12889 was published for MISP-maltego (pip) May 24, 2022
westonsteimel
TensorFlow vulnerable to `CHECK` fail in `DenseBincount` Moderate
CVE-2022-35987 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `tf.sparse.cross` Moderate
CVE-2022-35997 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `Conv2DBackpropInput` Moderate
CVE-2022-35999 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to OOB read in `Gather_nd` in TF Lite High
CVE-2022-35937 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` failures in `AvgPool3DGrad` Moderate
CVE-2022-35959 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedAdd` Moderate
CVE-2022-35967 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedInstanceNorm` Moderate
CVE-2022-35970 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVars` Moderate
CVE-2022-35971 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `TensorListScatter` and `TensorListScatterV2` Moderate
CVE-2022-35991 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to floating point exception in `Conv2D` Moderate
CVE-2022-35996 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `Unbatch` Moderate
CVE-2022-36002 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef` Moderate
CVE-2022-36013 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to integer overflow in math ops Low
CVE-2022-36015 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `FractionalMaxPoolGrad` Moderate
CVE-2022-35981 was published for tensorflow (pip) Sep 16, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database