GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
29 advisories
Filter by severity
Memory exhaustion in Tensorflow
Moderate
CVE-2022-21733
was published
for
tensorflow
(pip)
Feb 10, 2022
Crashes due to overflow and `CHECK`-fail in ops with large tensor shapes
Moderate
CVE-2021-41197
was published
for
tensorflow
(pip)
Nov 10, 2021
Overflow/crash in `tf.tile` when tiling tensor is large
Moderate
CVE-2021-41198
was published
for
tensorflow
(pip)
Nov 10, 2021
Crash in `tf.math.segment_*` operations
Moderate
CVE-2021-41195
was published
for
tensorflow
(pip)
Nov 10, 2021
Integer overflow in TFLite memory allocation
Moderate
CVE-2021-29605
was published
for
tensorflow
(pip)
May 21, 2021
Integer overflow in TFLite concatentation
Moderate
CVE-2021-29601
was published
for
tensorflow
(pip)
May 21, 2021
Overflow/crash in `tf.image.resize` when size is large
Moderate
CVE-2021-41199
was published
for
tensorflow
(pip)
Nov 10, 2021
Incorrect parsing of EVM reversion exit reason in RPC
Moderate
CVE-2022-36008
was published
for
fc-rpc
(Rust)
Aug 18, 2022
Integer overflow in BCrypt class in Spring Security
Moderate
CVE-2022-22976
was published
for
org.springframework.security:spring-security-core
(Maven)
May 20, 2022
BoringSSLAEADContext in Netty Repeats Nonces
Moderate
CVE-2024-36121
was published
for
io.netty.incubator:netty-incubator-codec-ohttp
(Maven)
Jun 5, 2024
libdav1d-sys affected by dav1d AV1 decoder integer overflow
Moderate
GHSA-mc39-h54g-pvw6
was published
for
libdav1d-sys
(Rust)
Apr 5, 2024
Overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration in RunC
Moderate
CVE-2021-43784
was published
for
github.com/opencontainers/runc
(Go)
Dec 7, 2021
Integer Overflow or Wraparound in Apache Tomcat
Moderate
CVE-2014-0075
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Vapor contains an integer overflow in URI leading to potential host spoofing
Moderate
CVE-2024-21631
was published
for
github.com/vapor/vapor
(Swift)
Jan 3, 2024
.eth registrar controller can shorten the duration of registered names
Moderate
CVE-2023-38698
was published
for
@ensdomains/ens-contracts
(npm)
Aug 1, 2023
snappy-java's Integer Overflow vulnerability in compress leads to DoS
Moderate
CVE-2023-34454
was published
for
org.xerial.snappy:snappy-java
(Maven)
Jun 15, 2023
snappy-java's Integer Overflow vulnerability in shuffle leads to DoS
Moderate
CVE-2023-34453
was published
for
org.xerial.snappy:snappy-java
(Maven)
Jun 15, 2023
Buffer Overflow in yajl-ruby
Moderate
CVE-2022-24795
was published
for
yajl-ruby
(RubyGems)
Apr 5, 2022
Integer Overflow in openssl-src
Moderate
CVE-2021-23841
was published
for
openssl-src
(Rust)
Aug 25, 2021
TensorFlow vulnerable to segfault when opening multiframe gif
Moderate
CVE-2023-25667
was published
for
tensorflow
(pip)
Mar 24, 2023
Integer Overflow in Chunked Transfer-Encoding
Moderate
CVE-2021-32714
was published
for
hyper
(Rust)
Jul 12, 2021
Integer Overflow or Wraparound and Use of a Broken or Risky Cryptographic Algorithm in bcrypt
Moderate
CVE-2020-7689
was published
for
bcrypt
(npm)
Aug 20, 2020
TensorFlow vulnerable to Int overflow in `RaggedRangeOp`
Moderate
CVE-2022-35940
was published
for
tensorflow
(pip)
Sep 16, 2022
ProTip!
Advisories are also available from the
GraphQL API