GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
12,432 advisories
Rdiffweb vulnerable to Missing Authentication for Critical Function
Low | CVE-2022-4018 was published for rdiffweb (pip) | Nov 16, 2022
This issue was addressed through improved state management. This issue is fixed in tvOS 17.4, iOS...
Low | Unreviewed | CVE-2024-23293 was published | Mar 8, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Low | Unreviewed | CVE-2024-23843 was published | Oct 28, 2024
Funadmin Cross-site Scripting vulnerability
Low | CVE-2024-48228 was published for funadmin/funadmin (Composer) | Oct 26, 2024
Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow
Low | CVE-2019-16778 was published for tensorflow (pip) | Dec 16, 2019
A bug in query analysis of certain complex self-referential $lookup subpipelines may result in...
Low | Unreviewed | CVE-2024-8013 was published | Oct 28, 2024
Lack of validation in data format attributes in TensorFlow
Low | CVE-2020-26267 was published for tensorflow (pip) | Dec 10, 2020
Segfault in SparseCountSparseOutput
Low | CVE-2021-29521 was published for tensorflow (pip) | May 21, 2021
CHECK-fail in SparseCross due to type confusion
Low | CVE-2021-29519 was published for tensorflow (pip) | May 21, 2021
Null pointer dereference via invalid Ragged Tensors
Low | CVE-2021-29516 was published for tensorflow (pip) | May 21, 2021
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low | Unreviewed | CVE-2024-5532 was published | Oct 28, 2024
Duende IdentityServer has insufficient validation of DPoP cnf claim in Local APIs
Low | CVE-2024-49755 was published for Duende.IdentityServer (NuGet) | Oct 28, 2024
HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere...
Low | Unreviewed | CVE-2024-30106 was published | Oct 29, 2024
Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats....
Low | Unreviewed | CVE-2024-41156 was published | Oct 29, 2024
This issue was addressed by restricting options offered on a locked device. This issue is fixed...
Low | Unreviewed | CVE-2022-46724 was published | Aug 15, 2023
When a protocol selection parameter option disables all protocols without adding any then the...
Low | Unreviewed | CVE-2024-2004 was published | Mar 27, 2024
In the Linux kernel, the following vulnerability has been resolved: wifi: virt_wifi: avoid...
Low | Unreviewed | CVE-2024-43841 was published | Aug 17, 2024
This issue was addressed by restricting options offered on a locked device. This issue is fixed...
Low | Unreviewed | CVE-2024-40851 was published | Oct 28, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Low | Unreviewed | CVE-2024-44123 was published | Oct 28, 2024
The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17,...
Low | Unreviewed | CVE-2023-35990 was published | Sep 27, 2023
Some Honor products are affected by information leak vulnerability, successful exploitation...
Low | Unreviewed | CVE-2023-23437 was published | Dec 29, 2023
HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower can sometimes include sensitive...
Low | Unreviewed | CVE-2023-37521 was published | Jan 16, 2024
BTS is affected by information disclosure vulnerability where mobile network operator personnel...
Low | Unreviewed | CVE-2023-25189 was published | Sep 25, 2024
An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize...
Low | Unreviewed | CVE-2023-20513 was published | Aug 13, 2024
ProTip! Advisories are also available from the GraphQL API.