Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,511 advisories

Loading
Null pointer dereference in `MatrixDiagPartOp` High
CVE-2021-37643 was published for tensorflow (pip) Aug 25, 2021
Null pointer dereference in `SparseTensorSliceDataset` High
CVE-2021-37647 was published for tensorflow (pip) Aug 25, 2021
Incorrect validation of `SaveV2` inputs High
CVE-2021-37648 was published for tensorflow (pip) Aug 25, 2021
Null pointer dereference in `UncompressElement` High
CVE-2021-37649 was published for tensorflow (pip) Aug 25, 2021
Segfault and heap buffer overflow in `{Experimental,}DatasetToTFRecord` High
CVE-2021-37650 was published for tensorflow (pip) Aug 25, 2021
Heap buffer overflow in `FractionalAvgPoolGrad` High
CVE-2021-37651 was published for tensorflow (pip) Aug 25, 2021
Use after free in boosted trees creation High
CVE-2021-37652 was published for tensorflow (pip) Aug 25, 2021
Heap OOB and CHECK fail in `ResourceGather` High
CVE-2021-37654 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in `ResourceScatterUpdate` High
CVE-2021-37655 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr and heap OOB in binary cwise ops High
CVE-2021-37659 was published for tensorflow (pip) Aug 25, 2021
Incomplete validation in `QuantizeV2` High
CVE-2021-37663 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in boosted trees High
CVE-2021-37664 was published for tensorflow (pip) Aug 25, 2021
Incomplete validation in MKL requantization High
CVE-2021-37665 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in `RaggedTensorToVariant` High
CVE-2021-37666 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in unicode encoding High
CVE-2021-37667 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in map operations High
CVE-2021-37671 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in shape inference High
CVE-2021-37676 was published for tensorflow (pip) Aug 25, 2021
Arbitrary code execution due to YAML deserialization High
CVE-2021-37678 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in nested `tf.map_fn` with `RaggedTensor`s High
CVE-2021-37679 was published for tensorflow (pip) Aug 25, 2021
NPE in TFLite High
CVE-2021-37681 was published for tensorflow (pip) Aug 25, 2021
Null pointer dereference in TFLite High
CVE-2021-37688 was published for tensorflow (pip) Aug 25, 2021
Null pointer dereference in TFLite MLIR optimizations High
CVE-2021-37689 was published for tensorflow (pip) Aug 25, 2021
KateCatlin
Special Element Injection in notebook High
CVE-2021-32798 was published for notebook (pip) Aug 23, 2021
0xDeva
Command injection in Yamale High
CVE-2021-38305 was published for yamale (pip) Aug 11, 2021
ReDOS in Mpmath High
CVE-2021-29063 was published for mpmath (pip) Aug 9, 2021
bryan-rhm
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database