Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

26 advisories

Out-of-bounds read in TensorFlow possibly causing disclosure of the contents of process memory. Moderate
CVE-2018-21233 was published for tensorflow (pip) May 13, 2020
Out-of-bounds reads in Pillow Moderate
CVE-2020-10994 was published for Pillow (pip) Jul 27, 2020
Out-of-bounds reads in Pillow Moderate
CVE-2020-10177 was published for Pillow (pip) Jul 27, 2020
sunSUNQ
Out of bounds access in tensorflow-lite Moderate
CVE-2020-15211 was published for tensorflow (pip) Sep 25, 2020
Pillow Out-of-bounds Read Moderate
CVE-2020-35655 was published for Pillow (pip) Mar 18, 2021
sunSUNQ
Incomplete validation in `tf.raw_ops.CTCLoss` Moderate
CVE-2021-29613 was published for tensorflow (pip) May 21, 2021
Heap OOB in TFLite's `Gather*` implementations Moderate
CVE-2021-37687 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in TFLite Moderate
CVE-2021-37685 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in `SdcaOptimizerV2` Moderate
CVE-2021-37672 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in `UpperBound` and `LowerBound` Moderate
CVE-2021-37670 was published for tensorflow (pip) Aug 25, 2021
Out-of-bounds Read in OpenCV Moderate
CVE-2019-16249 was published for opencv-contrib-python (pip) Oct 12, 2021
Out-of-bounds Read in OpenCV Moderate
CVE-2019-19624 was published for opencv-contrib-python (pip) Oct 12, 2021
Out-of-bounds read in Pillow Moderate
CVE-2020-10378 was published for Pillow (pip) Nov 3, 2021
sunSUNQ
Arbitrary memory read in `ImmutableConst` Moderate
CVE-2021-41227 was published for tensorflow (pip) Nov 10, 2021
Out-of-bounds Read in Pillow Moderate
CVE-2022-22816 was published for Pillow (pip) Jan 12, 2022
tdunlap607
Open Chinese Convert subject to Denial of Service via Out-of-bounds Read Moderate
CVE-2018-16982 was published for OpenCC (npm) May 14, 2022
richardfan0606 DanBeard
WASM3 segmentation fault Moderate
CVE-2022-34529 was published for pywasm3 (pip) Jul 28, 2022
Out of bounds segmentation fault due to unequal op inputs in Tensorflow Moderate
CVE-2022-41883 was published for tensorflow (pip) Nov 21, 2022
`MirrorPadGrad` heap out of bounds read Moderate
CVE-2022-41895 was published for tensorflow (pip) Nov 21, 2022
`FractionalMaxPoolGrad` Heap out of bounds read Moderate
CVE-2022-41897 was published for tensorflow (pip) Nov 21, 2022
Heap overflow in `QuantizeAndDequantizeV2` Moderate
CVE-2022-41910 was published for tensorflow (pip) Nov 21, 2022
Tensorflow vulnerable to Out-of-Bounds Read Moderate
CVE-2022-41880 was published for tensorflow (pip) Nov 22, 2022
PaddlePaddle segfault in paddle.mode Moderate
CVE-2023-38678 was published for PaddlePaddle (pip) Jan 3, 2024
Onnx Out-of-bounds Read vulnerability Moderate
CVE-2024-27319 was published for onnx (pip) Feb 23, 2024
iarspider
PyMongo Out-of-bounds Read in the bson module Moderate
GHSA-cr6f-gf5w-vhrc was published for pymongo (pip) Apr 6, 2024 withdrawn
ProTip! Advisories are also available from the GraphQL API