GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
1,620 advisories
Missing validation causes denial of service via `SparseTensorToCSRSparseMatrix`
Moderate
CVE-2022-29198 was published for tensorflow (pip) on May 24, 2022
Missing validation causes denial of service via `UnsortedSegmentJoin`
Moderate
CVE-2022-29197 was published for tensorflow (pip) on May 24, 2022
Missing validation causes denial of service via `Conv3DBackpropFilterV2`
Moderate
CVE-2022-29196 was published for tensorflow (pip) on May 24, 2022
Missing validation causes denial of service via `StagePeek`
Moderate
CVE-2022-29195 was published for tensorflow (pip) on May 24, 2022
Missing validation causes denial of service via `DeleteSessionTensor`
Moderate
CVE-2022-29194 was published for tensorflow (pip) on May 24, 2022
Missing validation crashes `QuantizeAndDequantizeV4Grad`
Moderate
CVE-2022-29192 was published for tensorflow (pip) on May 24, 2022
Missing validation causes denial of service via `GetSessionTensor`
Moderate
CVE-2022-29191 was published for tensorflow (pip) on May 24, 2022
Apache Superset Cross-site Scripting (XSS) vulnerability on the Explore page
Moderate
CVE-2021-32609 was published for apache-superset (pip) on May 24, 2022
furlongm openvpn-monitor allows CSRF to disconnect an arbitrary client
Moderate
CVE-2021-31604 was published for openvpn-monitor (pip) on May 24, 2022
GNU Mailman Postorius Access Control Issues
Moderate
CVE-2021-40347 was published for postorius (pip) on May 24, 2022
Mezzanine Cross Site Scripting (XSS) vulnerability
Moderate
CVE-2020-19002 was published for Mezzanine (pip) on May 24, 2022
Lin-CMS-Flask Cross Site Scripting (XSS) vulnerability
Moderate
CVE-2020-18699 was published for lin-cms (pip) on May 24, 2022
Plone has stored XSS in folder contents
Moderate
CVE-2021-35959 was published for plone (pip) on May 24, 2022
Plone XSS in User Fullname Property and File Upload
Moderate
CVE-2021-3313 was published for plone (pip) on May 24, 2022
OctoPrint API Error Messages vulnerable to XSS
Moderate
CVE-2021-32561 was published for OctoPrint (pip) on May 24, 2022
SaltStack Salt Cleartext Storage of Sensitive Information via cmdmod
Moderate
CVE-2021-25284 was published for salt (pip) on May 24, 2022
NFStream Local Denial of Service (DoS)
Moderate
CVE-2020-25340 was published for nfstream (pip) on May 24, 2022
qlib Deserialization of Untrusted Data vulnerability
Moderate
CVE-2021-23338 was published for pyqlib (pip) on May 24, 2022
Cross-Site Request Forgery in JupyterHub
Moderate
CVE-2020-36191 was published for jupyterhub (pip) on May 24, 2022
OpenStack Horizon Open redirect in workflow forms
Moderate
CVE-2020-29565 was published for horizon (pip) on May 24, 2022
snapcraft Access Restriction Bypass
Moderate
CVE-2020-27348 was published for snapcraft (pip) on May 24, 2022
Cabot Cross Site Scripting (XSS) vulnerability via Address column
Moderate
CVE-2020-25449 was published for cabot (pip) on May 24, 2022
Locust Stored Cross-site Scripting Vulnerability
Moderate
CVE-2020-28364 was published for locust (pip) on May 24, 2022
SaltStack Salt Allows creating certificates with weak file permissions
Moderate
CVE-2020-17490 was published for salt (pip) on May 24, 2022
ProTip! Advisories are also available from the GraphQL API.