Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,618 advisories

Loading
Heap OOB in TFLite Moderate
CVE-2021-37685 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in TFLite's `Gather*` implementations Moderate
CVE-2021-37687 was published for tensorflow (pip) Aug 25, 2021
Infinite loop in TFLite Moderate
CVE-2021-37686 was published for tensorflow (pip) Aug 25, 2021
Use after free and segfault in shape inference functions Moderate
CVE-2021-37690 was published for tensorflow (pip) Aug 25, 2021
FPE in LSH in TFLite Moderate
CVE-2021-37691 was published for tensorflow (pip) Aug 25, 2021
Segfault on strings tensors with mistmatched dimensions, due to Go code Moderate
CVE-2021-37692 was published for tensorflow (pip) Aug 25, 2021
JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form> Moderate
CVE-2021-32797 was published for jupyterlab (pip) Aug 23, 2021
0xDeva
Open Redirect in Flask-User Moderate
CVE-2021-23401 was published for Flask-User (pip) Aug 9, 2021
XML External Entity Reference in Glances Moderate
CVE-2021-23418 was published for Glances (pip) Aug 9, 2021
Remote Code Execution via unsafe classes in otherwise permitted modules Moderate
CVE-2021-32807 was published for AccessControl (pip) Aug 5, 2021
Missing Authentication for Critical Function in Saleor Moderate
CVE-2020-7964 was published for saleor (pip) Jul 28, 2021
CRLF injection in urllib3 Moderate
CVE-2020-26137 was published for urllib3 (pip) Jun 18, 2021
Cross-site scripting in Products.CMFCore, Products.PluggableAuthService, Plone Moderate
CVE-2021-33507 was published for Plone (pip) Jun 18, 2021
Cross-site Scripting in Apache Airflow Moderate
CVE-2021-28359 was published for apache-airflow (pip) Jun 18, 2021
sunSUNQ
Cross-site scripting in LocalStack Moderate
CVE-2021-32091 was published for localstack (pip) Jun 18, 2021
Deserialization of Untrusted Data in Flask-Caching Moderate
CVE-2021-33026 was published for Flask-Caching (pip) Jun 18, 2021
fluffy-critter
Cross-site scripting in Contentful Moderate
CVE-2020-13258 was published for contentful (pip) Jun 18, 2021
HTTP Request Smuggling in netius Moderate
CVE-2020-7655 was published for netius (pip) Jun 18, 2021
Improper Authentication in Apache Airflow Moderate
CVE-2021-26697 was published for apache-airflow (pip) Jun 18, 2021
sunSUNQ
Apache Airflow Cross-site Scripting Moderate
CVE-2020-13944 was published for apache-airflow (pip) Jun 18, 2021
Cross-site Scripting in wagtail Moderate
CVE-2021-32681 was published for wagtail (pip) Jun 17, 2021
Server-Side Request Forgery in Plone Moderate
CVE-2021-33510 was published for Plone (pip) Jun 15, 2021
Insufficiently random values in Ansible Moderate
CVE-2020-10729 was published for ansible (pip) Jun 15, 2021
Open redirect in Flask-Unchained Moderate
CVE-2021-23393 was published for Flask-Unchained (pip) Jun 15, 2021
Path Traversal in Django Moderate
CVE-2021-33203 was published for Django (pip) Jun 10, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database