Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,618 advisories

Loading
LIEF vulnerable to denial of service through segmentation fault Moderate
CVE-2022-40923 was published for lief (pip) Oct 1, 2022
rdiffweb vulnerable to password complexity bypass leading to weak passwords Moderate
CVE-2022-3326 was published for rdiffweb (pip) Sep 30, 2022
Inventree vulnerable to Stored Cross-site Scripting Moderate
CVE-2022-3355 was published for inventree (pip) Sep 30, 2022
rdiffweb's unlimited length Fullname field can lead to DoS Moderate
CVE-2022-3364 was published for rdiffweb (pip) Sep 30, 2022
rdiffweb vulnerable to Use of Cache Containing Sensitive Information Moderate
CVE-2022-3292 was published for rdiffweb (pip) Sep 29, 2022
rdiffweb vulnerable to Improper Cleanup on Thrown Exception Moderate
CVE-2022-3301 was published for rdiffweb (pip) Sep 27, 2022
rdiffweb Cross-Site Request Forgery vulnerability Moderate
CVE-2022-3267 was published for rdiffweb (pip) Sep 23, 2022
Apache Airflow contains open redirect Moderate
CVE-2022-40754 was published for apache-airflow (pip) Sep 22, 2022
OctoPrint vulnerable to Insufficient Session Expiration. Moderate
CVE-2022-2888 was published for OctoPrint (pip) Sep 22, 2022
rdiffweb has insecure HTTP cookies Moderate
CVE-2022-3250 was published for rdiffweb (pip) Sep 22, 2022
rdiffweb CSRF could lead to disabling notifications in user profile Moderate
CVE-2022-3233 was published for rdiffweb (pip) Sep 22, 2022
jwcrypto token substitution can lead to authentication bypass Moderate
CVE-2022-3102 was published for jwcrypto (pip) Sep 21, 2022
rdiffweb CSRF vulnerability in admin area can lead to deletion of repositories and users Moderate
CVE-2022-3232 was published for rdiffweb (pip) Sep 18, 2022
TensorFlow vulnerable to `CHECK` fail in `Save` and `SaveSlices` Moderate
CVE-2022-35983 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `ParameterizedTruncatedNormal` Moderate
CVE-2022-35984 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `LRNGrad` Moderate
CVE-2022-35985 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `RaggedBincount` Moderate
CVE-2022-35986 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `tf.linalg.matrix_rank` Moderate
CVE-2022-35988 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `MaxPool` Moderate
CVE-2022-35989 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `SparseBincount` Moderate
CVE-2022-35982 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `FractionalMaxPoolGrad` Moderate
CVE-2022-35981 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedRelu` and `QuantizedRelu6` Moderate
CVE-2022-35979 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizeDownAndShrinkRange` Moderate
CVE-2022-35974 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedMatMul` Moderate
CVE-2022-35973 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedBiasAdd` Moderate
CVE-2022-35972 was published for tensorflow (pip) Sep 16, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database