GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,014
Maven
5,000+
npm
3,721
NuGet
662
pip
3,393
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
Overflow/crash in `tf.range`
Moderate
CVE-2021-41202
was published
for
tensorflow
(pip)
Nov 10, 2021
Heap OOB in nested `tf.map_fn` with `RaggedTensor`s
High
CVE-2021-37679
was published
for
tensorflow
(pip)
Aug 25, 2021
Crash in NMS ops caused by integer conversion to unsigned
Moderate
CVE-2021-37669
was published
for
tensorflow
(pip)
Aug 25, 2021
Crash caused by integer conversion to unsigned
Moderate
CVE-2021-37661
was published
for
tensorflow
(pip)
Aug 25, 2021
Bad alloc in `StringNGrams` caused by integer conversion
Moderate
CVE-2021-37646
was published
for
tensorflow
(pip)
Aug 25, 2021
Integer overflow due to conversion to unsigned
Moderate
CVE-2021-37645
was published
for
tensorflow
(pip)
Aug 25, 2021
Segfault in tf.raw_ops.ImmutableConst
Low
CVE-2021-29539
was published
for
tensorflow
(pip)
May 21, 2021
Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow
Low
CVE-2019-16778
was published
for
tensorflow
(pip)
Dec 16, 2019
Potential DoS with NumberFilter conversion to integer values.
High
CVE-2020-15225
was published
for
django-filter
(pip)
Sep 28, 2020
Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets
High
CVE-2022-34169
was published
for
xalan:xalan
(Maven)
Jul 20, 2022
vyper's range(start, start + N) reverts for negative numbers
Moderate
CVE-2024-32481
was published
for
vyper
(pip)
Apr 25, 2024
Okio Signed to Unsigned Conversion Error vulnerability
Moderate
CVE-2023-3635
was published
for
com.squareup.okio:okio
(Maven)
Jul 12, 2023
Besu VM vulnerable to gas allocation error in CALL operations
Critical
CVE-2022-36025
was published
for
org.hyperledger.besu:evm
(Maven)
Sep 23, 2022
Signed to Unsigned Conversion Error in Facebook Hermes
High
CVE-2020-1913
was published
for
hermes-engine
(npm)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API