Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

23,936 advisories

Loading
Cross-site Scripting in kiwitcms Moderate
CVE-2022-4105 was published for kiwitcms (pip) Nov 21, 2022
Cross-site Scripting in Backdrop CMS Moderate
CVE-2022-42096 was published for backdrop/backdrop (Composer) Nov 21, 2022
`MirrorPadGrad` heap out of bounds read Moderate
CVE-2022-41895 was published for tensorflow (pip) Nov 21, 2022
Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite High
CVE-2022-41894 was published for tensorflow (pip) Nov 21, 2022
richardfan0606
`CHECK_EQ` fail in `tf.raw_ops.TensorListResize` Moderate
CVE-2022-41893 was published for tensorflow (pip) Nov 21, 2022
Segfault in `tf.raw_ops.TensorListConcat` Moderate
CVE-2022-41891 was published for tensorflow (pip) Nov 21, 2022
`CHECK` fail in `BCast` overflow Moderate
CVE-2022-41890 was published for tensorflow (pip) Nov 21, 2022
Segfault via invalid attributes in `pywrap_tfe_src.cc` Moderate
CVE-2022-41889 was published for tensorflow (pip) Nov 21, 2022
vulnerability-analyst
FPE in `tf.image.generate_bounding_box_proposals` Moderate
CVE-2022-41888 was published for tensorflow (pip) Nov 21, 2022
Overflow in `tf.keras.losses.poisson` Moderate
CVE-2022-41887 was published for tensorflow (pip) Nov 21, 2022
Overflow in `ImageProjectiveTransformV2` Moderate
CVE-2022-41886 was published for tensorflow (pip) Nov 21, 2022
Overflow in `FusedResizeAndPadConv2D` Moderate
CVE-2022-41885 was published for tensorflow (pip) Nov 21, 2022
Seg fault in `ndarray_tensor_bridge` due to zero and large inputs Moderate
CVE-2022-41884 was published for tensorflow (pip) Nov 21, 2022
Out of bounds segmentation fault due to unequal op inputs in Tensorflow Moderate
CVE-2022-41883 was published for tensorflow (pip) Nov 21, 2022
Leak in Aliyun KeySecret Moderate
CVE-2022-39397 was published for aliyun-oss-client (Rust) Nov 21, 2022
Lack of proper validation of server UUID can be used by the server to trick the client to accept invalid proofs Moderate
CVE-2022-39199 was published for github.com/codenotary/immudb (Go) Nov 21, 2022
Insufficient Verification of Proofs generated by the immudb server in client SDK. Moderate
CVE-2022-36111 was published for github.com/codenotary/immudb (Go) Nov 21, 2022
Cross-site Scripting in Apache Hama High
CVE-2022-45470 was published for org.apache.hama:hama-core (Maven) Nov 21, 2022
Garbage collection issue in BC-FJA in Java 13 and later Moderate
CVE-2022-45146 was published for org.bouncycastle:bc-fips (Maven) Nov 21, 2022
SQL injection in Dolibarr Critical
CVE-2022-4093 was published for dolibarr/dolibarr (Composer) Nov 21, 2022
Deserialization of Untrusted Data in librenms/librenms High
CVE-2022-3525 was published for librenms/librenms (Composer) Nov 20, 2022
Cross-site Scripting in librenms/librenms Moderate
CVE-2022-3516 was published for librenms/librenms (Composer) Nov 20, 2022
Cross-site Scripting in librenms/librenms Moderate
CVE-2022-3562 was published for librenms/librenms (Composer) Nov 20, 2022
Cross-site Scripting in librenms/librenms Moderate
CVE-2022-3561 was published for librenms/librenms (Composer) Nov 20, 2022
Cross-site Scripting in librenms/librenms Moderate
CVE-2022-4067 was published for librenms/librenms (Composer) Nov 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database