GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
99 advisories
Filter by severity
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2022-24908
was published
Mar 28, 2023
In pqframework, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate
Unreviewed
CVE-2023-20627
was published
Mar 7, 2023
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at...
Moderate
Unreviewed
CVE-2022-2520
was published
Sep 1, 2022
Incorrect buffer size calculation in iced-x86
Critical
CVE-2021-38188
was published
for
iced-x86
(Rust)
Aug 25, 2021
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS)....
High
Unreviewed
CVE-2020-36475
was published
May 24, 2022
In sensorhub, there is a possible out of bounds write due to an incorrect calculation of buffer...
Moderate
Unreviewed
CVE-2022-26474
was published
Oct 8, 2022
In mtk-isp, there is a possible use after free due to a logic error. This could lead to local...
Moderate
Unreviewed
CVE-2022-32650
was published
Jan 3, 2023
In mtk-aie, there is a possible use after free due to a logic error. This could lead to local...
Moderate
Unreviewed
CVE-2022-32651
was published
Jan 3, 2023
In jpeg, there is a possible use after free due to a logic error. This could lead to local...
Moderate
Unreviewed
CVE-2022-32649
was published
Jan 3, 2023
process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as...
Moderate
Unreviewed
CVE-2017-14934
was published
May 13, 2022
In writeToParcel and createFromParcel of RttManager.java, there is a permission bypass due to a...
High
Unreviewed
CVE-2017-13289
was published
May 13, 2022
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local...
High
Unreviewed
CVE-2017-0569
was published
May 13, 2022
An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are...
High
Unreviewed
CVE-2017-0166
was published
May 13, 2022
Heap buffer overflow in `StringNGrams`
Low
CVE-2021-29542
was published
for
tensorflow
(pip)
May 21, 2021
Heap buffer overflow in `QuantizedMul`
Low
CVE-2021-29535
was published
for
tensorflow
(pip)
May 21, 2021
Heap buffer overflow caused by rounding
Low
CVE-2021-29529
was published
for
tensorflow
(pip)
May 21, 2021
Segfault in SparseCountSparseOutput
Low
CVE-2021-29521
was published
for
tensorflow
(pip)
May 21, 2021
Heap buffer overflow in `SparseTensorToCSRSparseMatrix`
Low
CVE-2021-29545
was published
for
tensorflow
(pip)
May 21, 2021
Heap buffer overflow in `QuantizedResizeBilinear`
Low
CVE-2021-29537
was published
for
tensorflow
(pip)
May 21, 2021
Heap OOB and null pointer dereference in `RaggedTensorToTensor`
Moderate
CVE-2021-29608
was published
for
tensorflow
(pip)
May 21, 2021
The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a...
High
Unreviewed
CVE-2014-3468
was published
May 13, 2022
Overflow in `FusedResizeAndPadConv2D`
Moderate
CVE-2022-41885
was published
for
tensorflow
(pip)
Nov 21, 2022
Overflow in `ImageProjectiveTransformV2`
Moderate
CVE-2022-41886
was published
for
tensorflow
(pip)
Nov 21, 2022
Overflow in `tf.keras.losses.poisson`
Moderate
CVE-2022-41887
was published
for
tensorflow
(pip)
Nov 21, 2022
Overflow in `ResizeNearestNeighborGrad`
Moderate
CVE-2022-41907
was published
for
tensorflow
(pip)
Nov 21, 2022
ProTip!
Advisories are also available from the
GraphQL API