Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

249 advisories

Loading
TensorFlow vulnerable to segfault in `QuantizedRelu` and `QuantizedRelu6` Moderate
CVE-2022-35979 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizeDownAndShrinkRange` Moderate
CVE-2022-35974 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedMatMul` Moderate
CVE-2022-35973 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedBiasAdd` Moderate
CVE-2022-35972 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedInstanceNorm` Moderate
CVE-2022-35970 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedAdd` Moderate
CVE-2022-35967 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `QuantizedAvgPool` Moderate
CVE-2022-35966 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `BlockLSTMGradV2` Moderate
CVE-2022-35964 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `Requantize` Moderate
CVE-2022-36017 was published for tensorflow (pip) Sep 16, 2022
TensorFlow segfault TFLite converter on per-channel quantized transposed convolutions Moderate
CVE-2022-36027 was published for tensorflow (pip) Sep 16, 2022
OAuthLib vulnerable to DoS when attacker provides malicious IPV6 URI Moderate
CVE-2022-36087 was published for oauthlib (pip) Sep 16, 2022
SCH227 loljawn
mangadex-downloader vulnerable to unauthorized file reading Moderate
CVE-2022-36082 was published for mangadex-downloader (pip) Sep 16, 2022
ansible-runner vulnerable to shell command injection High
CVE-2021-4041 was published for ansible-runner (pip) Aug 25, 2022
django-sendfile2 before 0.7.0 contains reflected file download vulnerability High
GHSA-pcjh-6r5h-r92r was published for django-sendfile2 (pip) Aug 11, 2022
moggers87 sergei-maertens
Incomplete validation in signal ops leads to crashes in TensorFlow Moderate
CVE-2022-29213 was published for tensorflow (pip) May 24, 2022
Core dump when loading TFLite models with quantization in TensorFlow Moderate
CVE-2022-29212 was published for tensorflow (pip) May 24, 2022
Segfault if `tf.histogram_fixed_width` is called with NaN values in TensorFlow Moderate
CVE-2022-29211 was published for tensorflow (pip) May 24, 2022
Undefined behavior when users supply invalid resource handles Moderate
CVE-2022-29207 was published for tensorflow (pip) May 24, 2022
Missing validation results in undefined behavior in `SparseTensorDenseAdd Moderate
CVE-2022-29206 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `Conv3DBackpropFilterV2` Moderate
CVE-2022-29204 was published for tensorflow (pip) May 24, 2022
Denial of service in `tf.ragged.constant` due to lack of validation Moderate
CVE-2022-29202 was published for tensorflow (pip) May 24, 2022
Missing validation results in undefined behavior in `QuantizedConv2D` Moderate
CVE-2022-29201 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `LSTMBlockCell` Moderate
CVE-2022-29200 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `LoadAndRemapMatrix` Moderate
CVE-2022-29199 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `SparseTensorToCSRSparseMatrix` Moderate
CVE-2022-29198 was published for tensorflow (pip) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database