Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,144
NuGet
735
pip
3,947
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,620 advisories

Loading
Cross Site Scripting (XSS) in Quokka Moderate
CVE-2020-18702 was published for quokka (pip) Aug 30, 2021
Floating point exception in `SparseDenseCwiseDiv` Moderate
CVE-2021-37636 was published for tensorflow (pip) Aug 25, 2021
Integer division by 0 in sparse reshaping Moderate
CVE-2021-37640 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in `RaggedGather` Moderate
CVE-2021-37641 was published for tensorflow (pip) Aug 25, 2021
Division by 0 in `ResourceScatterDiv` Moderate
CVE-2021-37642 was published for tensorflow (pip) Aug 25, 2021
`std::abort` raised from `TensorListReserve` Moderate
CVE-2021-37644 was published for tensorflow (pip) Aug 25, 2021
Integer overflow due to conversion to unsigned Moderate
CVE-2021-37645 was published for tensorflow (pip) Aug 25, 2021
Bad alloc in `StringNGrams` caused by integer conversion Moderate
CVE-2021-37646 was published for tensorflow (pip) Aug 25, 2021
Division by 0 in `ResourceGather` Moderate
CVE-2021-37653 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in `RaggedTensorToSparse` Moderate
CVE-2021-37656 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in `MatrixDiagV*` ops Moderate
CVE-2021-37657 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in `MatrixSetDiagV*` ops Moderate
CVE-2021-37658 was published for tensorflow (pip) Aug 25, 2021
Division by 0 in inplace operations Moderate
CVE-2021-37660 was published for tensorflow (pip) Aug 25, 2021
Crash caused by integer conversion to unsigned Moderate
CVE-2021-37661 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in boosted trees Moderate
CVE-2021-37662 was published for tensorflow (pip) Aug 25, 2021
FPE in `tf.raw_ops.UnravelIndex` Moderate
CVE-2021-37668 was published for tensorflow (pip) Aug 25, 2021
Crash in NMS ops caused by integer conversion to unsigned Moderate
CVE-2021-37669 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in `UpperBound` and `LowerBound` Moderate
CVE-2021-37670 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in `SdcaOptimizerV2` Moderate
CVE-2021-37672 was published for tensorflow (pip) Aug 25, 2021
`CHECK`-fail in `MapStage` Moderate
CVE-2021-37673 was published for tensorflow (pip) Aug 25, 2021
Incomplete validation in `MaxPoolGrad` Moderate
CVE-2021-37674 was published for tensorflow (pip) Aug 25, 2021
Division by 0 in most convolution operators Moderate
CVE-2021-37675 was published for tensorflow (pip) Aug 25, 2021
Missing validation in shape inference for `Dequantize` Moderate
CVE-2021-37677 was published for tensorflow (pip) Aug 25, 2021
Division by zero in TFLite Moderate
CVE-2021-37680 was published for tensorflow (pip) Aug 25, 2021
Use of unitialized value in TFLite Moderate
CVE-2021-37682 was published for tensorflow (pip) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database