Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,776
Maven
5,000+
npm
3,542
NuGet
617
pip
3,125
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

159 advisories

Loading
Heap OOB in `FusedBatchNorm` kernels High
CVE-2021-41223 was published for tensorflow (pip) Nov 10, 2021
Heap OOB read in `tf.ragged.cross` High
CVE-2021-41212 was published for tensorflow (pip) Nov 10, 2021
Heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops High
CVE-2021-41205 was published for tensorflow (pip) Nov 10, 2021
PaddlePaddle Out-of-bounds Read vulnerability Critical
CVE-2022-46741 was published for paddlepaddle (pip) Dec 7, 2022
Out of bounds read in Tensorflow High
CVE-2022-21730 was published for tensorflow (pip) Feb 9, 2022
Out of bounds read in Tensorflow High
CVE-2022-21726 was published for tensorflow (pip) Feb 9, 2022
Out of bounds read in Tensorflow High
CVE-2022-23594 was published for tensorflow (pip) Feb 9, 2022
Out of bounds read in Tensorflow High
CVE-2022-23592 was published for tensorflow (pip) Feb 9, 2022
Out of bounds read and write in Tensorflow High
CVE-2022-23574 was published for tensorflow (pip) Feb 9, 2022
Out of bounds read in Tensorflow High
CVE-2022-21728 was published for tensorflow (pip) Feb 9, 2022
Read and Write outside of bounds in TensorFlow High
CVE-2022-23560 was published for tensorflow (pip) Feb 9, 2022
Apache InLong contains Out-of-bounds Read vulnerability High
CVE-2023-24977 was published for org.apache.inlong:inlong (Maven) Feb 1, 2023
Heap OOB in TFLite's `Gather*` implementations Moderate
CVE-2021-37687 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in TFLite Moderate
CVE-2021-37685 was published for tensorflow (pip) Aug 25, 2021
Denial of service in geth Moderate
CVE-2020-26242 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
Go-CVSS has Out-of-bounds Read vulnerability in ParseVector function High
CVE-2022-39213 was published for github.com/pandatix/go-cvss (Go) Sep 16, 2022
Open Chinese Convert subject to Denial of Service via Out-of-bounds Read Moderate
CVE-2018-16982 was published for OpenCC (npm) May 14, 2022
richardfan0606 DanBeard
Out-of-bounds read in Pillow High
CVE-2020-11538 was published for Pillow (pip) Jul 27, 2020
partial_sort contains Out-of-bounds Read in release mode Moderate
GHSA-5x36-7567-3cw6 was published for partial_sort (Rust) Feb 28, 2023
Out-of-bounds Read in iText Moderate
CVE-2022-24198 was published for com.itextpdf:itext7-core (Maven) Feb 2, 2022
mprins
wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64 Critical
CVE-2023-26489 was published for cranelift-codegen (Rust) Mar 9, 2023
alexcrichton
Wasmtime out of bounds read/write with zero-memory-pages configuration Moderate
CVE-2022-39392 was published for wasmtime (Rust) Nov 10, 2022
alexcrichton
TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad High
CVE-2023-25658 was published for tensorflow (pip) Mar 24, 2023
TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch High
CVE-2023-25659 was published for tensorflow (pip) Mar 24, 2023
dengyinlin
Versionize::deserialize implementation for FamStructWrapper<T> is lacking bound checks, potentially leading to out of bounds memory accesses Moderate
CVE-2023-28448 was published for versionize (Rust) Mar 24, 2023
ProTip! Advisories are also available from the GraphQL API