Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

74 advisories

Loading
`CHECK`-fails due to attempting to build a reference tensor Moderate
CVE-2022-23588 was published for tensorflow (pip) Feb 9, 2022
Multiple `CHECK`-fails in `function.cc` in TensowFlow Moderate
CVE-2022-23586 was published for tensorflow (pip) Feb 9, 2022
`CHECK`-failures in `TensorByteSize` in Tensorflow Moderate
CVE-2022-23582 was published for tensorflow (pip) Feb 10, 2022
`CHECK`-failures in binary ops in Tensorflow Moderate
CVE-2022-23583 was published for tensorflow (pip) Feb 10, 2022
`CHECK`-failures during Grappler's `IsSimplifiableReshape` in Tensorflow Moderate
CVE-2022-23581 was published for tensorflow (pip) Feb 7, 2022
`CHECK`-failures during Grappler's `SafeToRemoveIdentity` in Tensorflow Moderate
CVE-2022-23579 was published for tensorflow (pip) Feb 10, 2022
Lack of validation in `SparseDenseCwiseMul` Low
CVE-2021-29567 was published for tensorflow (pip) May 21, 2021
CHECK-fail in `LoadAndRemapMatrix` Low
CVE-2021-29561 was published for tensorflow (pip) May 21, 2021
CHECK-fail in `tf.raw_ops.IRFFT` Low
CVE-2021-29562 was published for tensorflow (pip) May 21, 2021
CHECK-fail in `tf.raw_ops.RFFT` Low
CVE-2021-29563 was published for tensorflow (pip) May 21, 2021
CHECK-failure in `UnsortedSegmentJoin` Low
CVE-2021-29552 was published for tensorflow (pip) May 21, 2021
CHECK-fail in `CTCGreedyDecoder` Low
CVE-2021-29543 was published for tensorflow (pip) May 21, 2021
Denial of Service in Tensorflow Moderate
CVE-2020-15197 was published for tensorflow (pip) Sep 25, 2020
Denial of Service in Tensorflow Moderate
CVE-2020-15194 was published for tensorflow (pip) Sep 25, 2020
wasmtime has a runtime crash when combining tail calls with trapping imports Moderate
CVE-2024-47763 was published for wasmtime (Rust) Oct 9, 2024
alexcrichton fitzgen
vLLM denial of service vulnerability High
CVE-2024-8768 was published for vllm (pip) Sep 17, 2024
Denial of Service via reachable assertion High
CVE-2022-24777 was published for github.com/grpc/grpc-swift (Swift) Jun 9, 2023
xml-rs vulnerable to denial of service via invalid token in XML document High
CVE-2023-34411 was published for xml-rs (Rust) Jun 5, 2023
00xc
Incorrect implementation in streebog High
CVE-2019-25007 was published for streebog (Rust) Aug 25, 2021
gRPC Reachable Assertion issue High
CVE-2023-1428 was published for grpc (RubyGems) Jul 6, 2023
jonasfj
malformed proposed intoto entries can cause a panic Moderate
CVE-2023-33199 was published for github.com/sigstore/rekor (Go) May 26, 2023
cordova-plugin-fingerprint-aio DoS vulnerability Moderate
CVE-2021-43849 was published for cordova-plugin-fingerprint-aio (npm) Nov 2, 2023
0xWise64
Incomplete validation in signal ops leads to crashes in TensorFlow Moderate
CVE-2022-29213 was published for tensorflow (pip) May 24, 2022
Crash when type cannot be specialized in Tensorflow Moderate
CVE-2022-23572 was published for tensorflow (pip) Feb 9, 2022
`CHECK_EQ` fail via input in `SparseMatrixNNZ` Moderate
CVE-2022-41901 was published for tensorflow (pip) Nov 21, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database