Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,985
Erlang
29
GitHub Actions
16
Go
1,774
Maven
5,000
npm
3,541
NuGet
617
pip
3,123
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

5,327 advisories

Loading
Lack of validation in data format attributes in TensorFlow Low
CVE-2020-26267 was published for tensorflow (pip) Dec 10, 2020
Heap out of bounds access in MakeEdge in TensorFlow Low
CVE-2020-26271 was published for tensorflow (pip) Dec 10, 2020
Pillow Out-of-bounds Read Moderate
CVE-2020-35655 was published for Pillow (pip) Mar 18, 2021
sunSUNQ
Pillow Out-of-bounds Read High
CVE-2020-35653 was published for Pillow (pip) Mar 18, 2021
Out of bounds read in Pillow High
CVE-2021-25293 was published for Pillow (pip) Mar 29, 2021
sunSUNQ
Out of bounds read in Pillow High
CVE-2021-25291 was published for Pillow (pip) Mar 29, 2021
tdunlap607 sunSUNQ
Out-of-bounds read in Apache Thrift High
CVE-2019-0210 was published for github.com/apache/thrift (Go) May 18, 2021
Heap out of bounds read in `RaggedCross` Low
CVE-2021-29532 was published for tensorflow (pip) May 21, 2021
Heap out of bounds in `QuantizedBatchNormWithGlobalNormalization` Low
CVE-2021-29547 was published for tensorflow (pip) May 21, 2021
OOB read in `MatrixTriangularSolve` Low
CVE-2021-29551 was published for tensorflow (pip) May 21, 2021
Heap OOB in `QuantizeAndDequantizeV3` Low
CVE-2021-29553 was published for tensorflow (pip) May 21, 2021
Heap OOB access in unicode ops Low
CVE-2021-29559 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow in `RaggedTensorToTensor` Low
CVE-2021-29560 was published for tensorflow (pip) May 21, 2021
Heap out of bounds read in `RequantizationRange` Low
CVE-2021-29569 was published for tensorflow (pip) May 21, 2021
Heap out of bounds read in `MaxPoolGradWithArgmax` Low
CVE-2021-29570 was published for tensorflow (pip) May 21, 2021
Heap OOB read in `tf.raw_ops.Dequantize` Low
CVE-2021-29582 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow and undefined behavior in `FusedBatchNorm` Low
CVE-2021-29583 was published for tensorflow (pip) May 21, 2021
Heap OOB read in TFLite's implementation of `Minimum` or `Maximum` Low
CVE-2021-29590 was published for tensorflow (pip) May 21, 2021
Heap OOB read in TFLite High
CVE-2021-29606 was published for tensorflow (pip) May 21, 2021
Incomplete validation in `tf.raw_ops.CTCLoss` Moderate
CVE-2021-29613 was published for tensorflow (pip) May 21, 2021
Out-of-bounds Read and Missing Release of Memory after Effective Lifetime in tar Moderate Unreviewed
CVE-2021-20193 was published May 27, 2021
Out-of-bounds Read in Pillow Critical
CVE-2021-25287 was published for Pillow (pip) Jun 8, 2021
Out-of-bounds Read Critical
CVE-2021-25288 was published for Pillow (pip) Jun 8, 2021
Denial of service in geth Moderate
CVE-2020-26242 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
Out-of-Bounds Read in Node.js High Unreviewed
CVE-2021-22918 was published Jul 13, 2021
ProTip! Advisories are also available from the GraphQL API