GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
29 advisories
Filter by severity
Integer Overflow or Wraparound and Use of a Broken or Risky Cryptographic Algorithm in bcrypt
Moderate
CVE-2020-7689
was published
for
bcrypt
(npm)
Aug 20, 2020
Integer overflow in TFLite concatentation
Moderate
CVE-2021-29601
was published
for
tensorflow
(pip)
May 21, 2021
Integer overflow in TFLite memory allocation
Moderate
CVE-2021-29605
was published
for
tensorflow
(pip)
May 21, 2021
Integer Overflow in Chunked Transfer-Encoding
Moderate
CVE-2021-32714
was published
for
hyper
(Rust)
Jul 12, 2021
Integer Overflow in openssl-src
Moderate
CVE-2021-23841
was published
for
openssl-src
(Rust)
Aug 25, 2021
Overflow/crash in `tf.image.resize` when size is large
Moderate
CVE-2021-41199
was published
for
tensorflow
(pip)
Nov 10, 2021
Overflow/crash in `tf.tile` when tiling tensor is large
Moderate
CVE-2021-41198
was published
for
tensorflow
(pip)
Nov 10, 2021
Crashes due to overflow and `CHECK`-fail in ops with large tensor shapes
Moderate
CVE-2021-41197
was published
for
tensorflow
(pip)
Nov 10, 2021
Crash in `tf.math.segment_*` operations
Moderate
CVE-2021-41195
was published
for
tensorflow
(pip)
Nov 10, 2021
Overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration in RunC
Moderate
CVE-2021-43784
was published
for
github.com/opencontainers/runc
(Go)
Dec 7, 2021
Integer Overflow or Wraparound in TensorFlow
Moderate
GHSA-wcv5-vrvr-3rx2
was published
for
tensorflow
(pip)
Feb 9, 2022
Memory exhaustion in Tensorflow
Moderate
CVE-2022-21733
was published
for
tensorflow
(pip)
Feb 10, 2022
Buffer Overflow in yajl-ruby
Moderate
CVE-2022-24795
was published
for
yajl-ruby
(RubyGems)
Apr 5, 2022
Integer Overflow or Wraparound in JBCrypt
Moderate
CVE-2015-0886
was published
for
org.mindrot:jbcrypt
(Maven)
May 13, 2022
Integer Overflow or Wraparound in Apache Tomcat
Moderate
CVE-2014-0075
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Integer overflow in BCrypt class in Spring Security
Moderate
CVE-2022-22976
was published
for
org.springframework.security:spring-security-core
(Maven)
May 20, 2022
Integer overflow in `SpaceToBatchND`
Moderate
CVE-2022-29203
was published
for
tensorflow
(pip)
May 24, 2022
`CHECK` failure in depthwise ops via overflows
Moderate
GHSA-mw6j-hh29-h379
was published
for
tensorflow
(pip)
May 25, 2022
Incorrect parsing of EVM reversion exit reason in RPC
Moderate
CVE-2022-36008
was published
for
fc-rpc
(Rust)
Aug 18, 2022
TensorFlow vulnerable to Int overflow in `RaggedRangeOp`
Moderate
CVE-2022-35940
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to segfault when opening multiframe gif
Moderate
CVE-2023-25667
was published
for
tensorflow
(pip)
Mar 24, 2023
snappy-java's Integer Overflow vulnerability in shuffle leads to DoS
Moderate
CVE-2023-34453
was published
for
org.xerial.snappy:snappy-java
(Maven)
Jun 15, 2023
snappy-java's Integer Overflow vulnerability in compress leads to DoS
Moderate
CVE-2023-34454
was published
for
org.xerial.snappy:snappy-java
(Maven)
Jun 15, 2023
ProTip!
Advisories are also available from the
GraphQL API