GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,439 advisories
Filter by severity
Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
Moderate
CVE-2019-9644
was published
for
jupyter-notebook
(pip)
May 14, 2022
Integer overflow in `SpaceToBatchND`
Moderate
CVE-2022-29203
was published
for
tensorflow
(pip)
May 24, 2022
Missing validation causes denial of service via `Conv3DBackpropFilterV2`
Moderate
CVE-2022-29204
was published
for
tensorflow
(pip)
May 24, 2022
Missing validation results in undefined behavior in `QuantizedConv2D`
Moderate
CVE-2022-29201
was published
for
tensorflow
(pip)
May 24, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Roundup
Moderate
CVE-2012-6133
was published
for
roundup
(pip)
Apr 23, 2022
Missing validation causes denial of service via `UnsortedSegmentJoin`
Moderate
CVE-2022-29197
was published
for
tensorflow
(pip)
May 24, 2022
Missing validation crashes `QuantizeAndDequantizeV4Grad`
Moderate
CVE-2022-29192
was published
for
tensorflow
(pip)
May 24, 2022
Segfault due to missing support for quantized types
Moderate
CVE-2022-29205
was published
for
tensorflow
(pip)
May 24, 2022
Undefined behavior when users supply invalid resource handles
Moderate
CVE-2022-29207
was published
for
tensorflow
(pip)
May 24, 2022
Missing validation causes denial of service via `LoadAndRemapMatrix`
Moderate
CVE-2022-29199
was published
for
tensorflow
(pip)
May 24, 2022
Missing validation results in undefined behavior in `SparseTensorDenseAdd
Moderate
CVE-2022-29206
was published
for
tensorflow
(pip)
May 24, 2022
Missing validation causes denial of service via `StagePeek`
Moderate
CVE-2022-29195
was published
for
tensorflow
(pip)
May 24, 2022
Cross-site scripting in markdown2 for python
Moderate
CVE-2009-3724
was published
for
markdown2
(pip)
Apr 21, 2022
Regular expression denial of service in url_regex
Moderate
CVE-2022-21195
was published
for
url_regex
(pip)
May 21, 2022
Missing validation causes `TensorSummaryV2` to crash
Moderate
CVE-2022-29193
was published
for
tensorflow
(pip)
May 24, 2022
Verification check bypass in Gate One
Moderate
CVE-2020-19003
was published
for
gateone
(pip)
Oct 12, 2021
Open Redirect in Flask-AppBuilder
Moderate
CVE-2022-24776
was published
for
Flask-AppBuilder
(pip)
Mar 25, 2022
Insertion of Sensitive Information into Log File in ansible
Moderate
CVE-2021-20180
was published
for
ansible
(pip)
Mar 17, 2022
XML External Entities Vulnerability in CVRF-CSAF-Converter
Moderate
CVE-2022-27193
was published
for
cvrf2csaf
(pip)
Mar 16, 2022
Cross-site Scripting in FreeTAKServer-UI
Moderate
CVE-2022-25507
was published
for
FreeTAKServer-UI
(pip)
Mar 12, 2022
SQL Injection in FreeTAKServer-UI
Moderate
CVE-2022-25506
was published
for
FreeTAKServer-UI
(pip)
Mar 12, 2022
Path traversal in FreeTAKServer-UI
Moderate
CVE-2022-25511
was published
for
FreeTAKServer-UI
(pip)
Mar 12, 2022
Apache Superset has Improper Access Control
Moderate
CVE-2022-45438
was published
for
apache-superset
(pip)
Jan 16, 2023
Apache Superset Open Redirect vulnerability
Moderate
CVE-2022-43721
was published
for
apache-superset
(pip)
Jan 16, 2023
Apache Superset vulnerable to Injection
Moderate
CVE-2022-43720
was published
for
apache-superset
(pip)
Jan 16, 2023
ProTip!
Advisories are also available from the
GraphQL API