Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

228 advisories

Loading
Undefined behavior when users supply invalid resource handles Moderate
CVE-2022-29207 was published for tensorflow (pip) May 24, 2022
Missing validation results in undefined behavior in `SparseTensorDenseAdd Moderate
CVE-2022-29206 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `Conv3DBackpropFilterV2` Moderate
CVE-2022-29204 was published for tensorflow (pip) May 24, 2022
Denial of service in `tf.ragged.constant` due to lack of validation Moderate
CVE-2022-29202 was published for tensorflow (pip) May 24, 2022
Missing validation results in undefined behavior in `QuantizedConv2D` Moderate
CVE-2022-29201 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `LSTMBlockCell` Moderate
CVE-2022-29200 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `LoadAndRemapMatrix` Moderate
CVE-2022-29199 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `SparseTensorToCSRSparseMatrix` Moderate
CVE-2022-29198 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `UnsortedSegmentJoin` Moderate
CVE-2022-29197 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `Conv3DBackpropFilterV2` Moderate
CVE-2022-29196 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `StagePeek` Moderate
CVE-2022-29195 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `DeleteSessionTensor` Moderate
CVE-2022-29194 was published for tensorflow (pip) May 24, 2022
Missing validation crashes `QuantizeAndDequantizeV4Grad` Moderate
CVE-2022-29192 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `GetSessionTensor` Moderate
CVE-2022-29191 was published for tensorflow (pip) May 24, 2022
git-big-picture Code Execution Critical
CVE-2021-3028 was published for git-big-picture (pip) May 24, 2022
SaltStack Salt Improper Validation of eauth credentials and tokens in salt-netapi Critical
CVE-2020-25592 was published for salt (pip) May 24, 2022
SaltStack Salt Unauthenticated Remote Code Execution Critical
CVE-2020-11651 was published for salt (pip) May 24, 2022
SaltStack Salt is vulnerable Arbitrary Directory Access Moderate
CVE-2020-11652 was published for salt (pip) May 24, 2022
Ansible password prompts could expose passwords Moderate
CVE-2019-10206 was published for ansible (pip) May 24, 2022
tdunlap607
Elastic APM agent for Python client CGI proxy redirection flaw Moderate
CVE-2019-7617 was published for elastic-apm (pip) May 24, 2022
Matrix Sydent mishandles emails Moderate
CVE-2019-11340 was published for matrix-sydent (pip) May 24, 2022
Missing validation causes `TensorSummaryV2` to crash Moderate
CVE-2022-29193 was published for tensorflow (pip) May 24, 2022
Ansible Remote Code Execution Critical
CVE-2014-4657 was published for ansible (pip) May 17, 2022
JGit Improper Input Validation vulnerability Critical
CVE-2014-9390 was published for mercurial (Maven) May 17, 2022
Improper input validation in pyftpdlib Moderate
CVE-2008-7264 was published for pyftpdlib (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database