GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,776
Maven
5,000+
npm
3,542
NuGet
617
pip
3,125
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+
159 advisories
Filter by severity
Heap OOB in `FusedBatchNorm` kernels
High
CVE-2021-41223
was published
for
tensorflow
(pip)
Nov 10, 2021
Heap OOB read in `tf.ragged.cross`
High
CVE-2021-41212
was published
for
tensorflow
(pip)
Nov 10, 2021
Heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops
High
CVE-2021-41205
was published
for
tensorflow
(pip)
Nov 10, 2021
PaddlePaddle Out-of-bounds Read vulnerability
Critical
CVE-2022-46741
was published
for
paddlepaddle
(pip)
Dec 7, 2022
Out of bounds read and write in Tensorflow
High
CVE-2022-23574
was published
for
tensorflow
(pip)
Feb 9, 2022
Read and Write outside of bounds in TensorFlow
High
CVE-2022-23560
was published
for
tensorflow
(pip)
Feb 9, 2022
Apache InLong contains Out-of-bounds Read vulnerability
High
CVE-2023-24977
was published
for
org.apache.inlong:inlong
(Maven)
Feb 1, 2023
Heap OOB in TFLite's `Gather*` implementations
Moderate
CVE-2021-37687
was published
for
tensorflow
(pip)
Aug 25, 2021
Denial of service in geth
Moderate
CVE-2020-26242
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
Go-CVSS has Out-of-bounds Read vulnerability in ParseVector function
High
CVE-2022-39213
was published
for
github.com/pandatix/go-cvss
(Go)
Sep 16, 2022
Open Chinese Convert subject to Denial of Service via Out-of-bounds Read
Moderate
CVE-2018-16982
was published
for
OpenCC
(npm)
May 14, 2022
partial_sort contains Out-of-bounds Read in release mode
Moderate
GHSA-5x36-7567-3cw6
was published
for
partial_sort
(Rust)
Feb 28, 2023
Out-of-bounds Read in iText
Moderate
CVE-2022-24198
was published
for
com.itextpdf:itext7-core
(Maven)
Feb 2, 2022
wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64
Critical
CVE-2023-26489
was published
for
cranelift-codegen
(Rust)
Mar 9, 2023
Wasmtime out of bounds read/write with zero-memory-pages configuration
Moderate
CVE-2022-39392
was published
for
wasmtime
(Rust)
Nov 10, 2022
TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad
High
CVE-2023-25658
was published
for
tensorflow
(pip)
Mar 24, 2023
TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
High
CVE-2023-25659
was published
for
tensorflow
(pip)
Mar 24, 2023
Versionize::deserialize implementation for FamStructWrapper<T> is lacking bound checks, potentially leading to out of bounds memory accesses
Moderate
CVE-2023-28448
was published
for
versionize
(Rust)
Mar 24, 2023
ProTip!
Advisories are also available from the
GraphQL API