Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,618 advisories

Loading
UBI Reader vulnerable to Path Traversal Moderate
CVE-2022-4572 was published for ubi-reader (pip) Dec 17, 2022
collective.task Cross-site Scripting vulnerability Moderate
CVE-2022-4527 was published for collective.task (pip) Dec 15, 2022
django-photologue vulnerable to Cross-site Scripting Moderate
CVE-2022-4526 was published for django-photologue (pip) Dec 15, 2022
collective.dms.basecontent Cross-site Scripting vulnerability Moderate
CVE-2022-4495 was published for collective.dms.basecontent (pip) Dec 14, 2022
Sentry vulnerable to invite code reuse via cookie manipulation Moderate
CVE-2022-23485 was published for sentry (pip) Dec 12, 2022
tdunlap607
pyRdfa3 Cross-site Scripting vulnerability Moderate
CVE-2022-4396 was published for pyRdfa3 (pip) Dec 10, 2022
Certifi removing TrustCor root certificate Moderate
CVE-2022-23491 was published for certifi (pip) Dec 7, 2022
OS Command Injection in Apache Airflow Moderate
CVE-2022-40954 was published for apache-airflow (pip) Nov 22, 2022
Tensorflow vulnerable to Out-of-Bounds Read Moderate
CVE-2022-41880 was published for tensorflow (pip) Nov 22, 2022
Invalid char to bool conversion when printing a tensor Moderate
CVE-2022-41911 was published for tensorflow (pip) Nov 21, 2022
Heap overflow in `QuantizeAndDequantizeV2` Moderate
CVE-2022-41910 was published for tensorflow (pip) Nov 21, 2022
Segfault in `CompositeTensorVariantToComponents` Moderate
CVE-2022-41909 was published for tensorflow (pip) Nov 21, 2022
`CHECK` fail via inputs in `PyFunc` Moderate
CVE-2022-41908 was published for tensorflow (pip) Nov 21, 2022
Overflow in `ResizeNearestNeighborGrad` Moderate
CVE-2022-41907 was published for tensorflow (pip) Nov 21, 2022
`CHECK_EQ` fail via input in `SparseMatrixNNZ` Moderate
CVE-2022-41901 was published for tensorflow (pip) Nov 21, 2022
`CHECK` fail via inputs in `SdcaOptimizer` Moderate
CVE-2022-41899 was published for tensorflow (pip) Nov 21, 2022
`CHECK` fail via inputs in `SparseFillEmptyRowsGrad` Moderate
CVE-2022-41898 was published for tensorflow (pip) Nov 21, 2022
`FractionalMaxPoolGrad` Heap out of bounds read Moderate
CVE-2022-41897 was published for tensorflow (pip) Nov 21, 2022
`tf.raw_ops.Mfcc` crashes Moderate
CVE-2022-41896 was published for tensorflow (pip) Nov 21, 2022
Cross-site Scripting in kiwitcms Moderate
CVE-2022-4105 was published for kiwitcms (pip) Nov 21, 2022
`MirrorPadGrad` heap out of bounds read Moderate
CVE-2022-41895 was published for tensorflow (pip) Nov 21, 2022
`CHECK_EQ` fail in `tf.raw_ops.TensorListResize` Moderate
CVE-2022-41893 was published for tensorflow (pip) Nov 21, 2022
Segfault in `tf.raw_ops.TensorListConcat` Moderate
CVE-2022-41891 was published for tensorflow (pip) Nov 21, 2022
`CHECK` fail in `BCast` overflow Moderate
CVE-2022-41890 was published for tensorflow (pip) Nov 21, 2022
Segfault via invalid attributes in `pywrap_tfe_src.cc` Moderate
CVE-2022-41889 was published for tensorflow (pip) Nov 21, 2022
vulnerability-analyst
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database