Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,976
Erlang
29
GitHub Actions
16
Go
1,765
Maven
4,990
npm
3,534
NuGet
615
pip
3,103
Pub
10
RubyGems
837
Rust
785
Swift
34
Unreviewed advisories
All unreviewed
5,000+

159 advisories

Loading
Heap OOB in `UpperBound` and `LowerBound` Moderate
CVE-2021-37670 was published for tensorflow (pip) Aug 25, 2021
Out-of-bounds Read in OpenCV High
CVE-2017-12599 was published for opencv-contrib-python (pip) Oct 12, 2021
Heap OOB in `SparseBinCount` High
CVE-2021-41226 was published for tensorflow (pip) Nov 10, 2021
Undefined behavior via `nullptr` reference binding in sparse matrix multiplication High
CVE-2021-41219 was published for tensorflow (pip) Nov 10, 2021
Out-of-bounds Read in OpenCV High
CVE-2017-12598 was published for opencv-contrib-python (pip) Oct 12, 2021
Out-of-bounds Read in OpenCV Moderate
CVE-2019-19624 was published for opencv-contrib-python (pip) Oct 12, 2021
Out-of-bounds Read Critical
CVE-2021-25288 was published for Pillow (pip) Jun 8, 2021
Heap out of bounds access in sparse reduction operations High
CVE-2021-37635 was published for tensorflow (pip) Aug 25, 2021
Heap out of bounds in `QuantizedBatchNormWithGlobalNormalization` Low
CVE-2021-29547 was published for tensorflow (pip) May 21, 2021
Heap out of bounds read in `RaggedCross` Low
CVE-2021-29532 was published for tensorflow (pip) May 21, 2021
Out-of-bounds Read in Pillow Critical
CVE-2021-25287 was published for Pillow (pip) Jun 8, 2021
Heap buffer overflow in `RaggedTensorToTensor` Low
CVE-2021-29560 was published for tensorflow (pip) May 21, 2021
Heap OOB access in unicode ops Low
CVE-2021-29559 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow and undefined behavior in `FusedBatchNorm` Low
CVE-2021-29583 was published for tensorflow (pip) May 21, 2021
Heap OOB read in `tf.raw_ops.Dequantize` Low
CVE-2021-29582 was published for tensorflow (pip) May 21, 2021
Heap out of bounds read in `RequantizationRange` Low
CVE-2021-29569 was published for tensorflow (pip) May 21, 2021
Heap OOB read in TFLite High
CVE-2021-29606 was published for tensorflow (pip) May 21, 2021
Heap OOB read in TFLite's implementation of `Minimum` or `Maximum` Low
CVE-2021-29590 was published for tensorflow (pip) May 21, 2021
Heap out of bounds read in `MaxPoolGradWithArgmax` Low
CVE-2021-29570 was published for tensorflow (pip) May 21, 2021
Heap OOB in `QuantizeAndDequantizeV3` Low
CVE-2021-29553 was published for tensorflow (pip) May 21, 2021
OOB read in `MatrixTriangularSolve` Low
CVE-2021-29551 was published for tensorflow (pip) May 21, 2021
Segfault in `tf.quantization.quantize_and_dequantize` Low
CVE-2020-15265 was published for tensorflow (pip) Nov 13, 2020
Lack of validation in data format attributes in TensorFlow Low
CVE-2020-26267 was published for tensorflow (pip) Dec 10, 2020
Remote Memory Exposure in bl Moderate
CVE-2020-8244 was published for bl (npm) Sep 2, 2020
Heap buffer overflow in Tensorflow High
CVE-2020-15196 was published for tensorflow (pip) Sep 25, 2020
ProTip! Advisories are also available from the GraphQL API