Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,954
Erlang
29
GitHub Actions
16
Go
1,740
Maven
4,967
npm
3,504
NuGet
607
pip
3,064
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,252 advisories

ActiveRecord in Ruby on Rails allows database-query bypass High
CVE-2016-6317 was published for activerecord (RubyGems) Oct 24, 2017
cairo is vulnerable to denial of service due to a null pointer dereference Moderate
CVE-2017-7475 was published for cairo (RubyGems) Nov 15, 2017
Nokogiri NULL Pointer Dereference High
CVE-2018-14404 was published for nokogiri (RubyGems) Jan 17, 2019
Null pointer dereference in TensorFlow leads to exploitation Moderate
CVE-2018-7576 was published for tensorflow (pip) Apr 24, 2019
NULL Pointer Dereference in Google TensorFlow Moderate
CVE-2019-9635 was published for tensorflow (pip) Apr 30, 2019
Aubio is vulnerable to a NULL pointer dereference in new_aubio_filterbank High
CVE-2018-19801 was published for aubio (pip) Jul 26, 2019
Aubio is vulnerable to a NULL pointer dereference in new_aubio_notes function High
CVE-2018-19802 was published for aubio (pip) Jul 26, 2019
tdunlap607
Segfault in Tensorflow Moderate
CVE-2020-15190 was published for tensorflow (pip) Sep 25, 2020
Undefined behavior in Tensorflow Moderate
CVE-2020-15191 was published for tensorflow (pip) Sep 25, 2020
Segfault in Tensorflow Moderate
CVE-2020-15204 was published for tensorflow (pip) Sep 25, 2020
Null pointer dereference in tensorflow-lite Moderate
CVE-2020-15209 was published for tensorflow (pip) Sep 25, 2020
Type confusion during tensor casts lead to dereferencing null pointers Low
CVE-2021-29513 was published for tensorflow (pip) May 21, 2021
Reference binding to null pointer in `MatrixDiag*` ops Low
CVE-2021-29515 was published for tensorflow (pip) May 21, 2021
Null pointer dereference via invalid Ragged Tensors Low
CVE-2021-29516 was published for tensorflow (pip) May 21, 2021
Session operations in eager mode lead to null pointer dereferences Low
CVE-2021-29518 was published for tensorflow (pip) May 21, 2021
Invalid validation in `SparseMatrixSparseCholesky` Low
CVE-2021-29530 was published for tensorflow (pip) May 21, 2021
Null pointer dereference in `StringNGrams` Low
CVE-2021-29541 was published for tensorflow (pip) May 21, 2021
Null pointer dereference in `EditDistance` Low
CVE-2021-29564 was published for tensorflow (pip) May 21, 2021
Null pointer dereference in `SparseFillEmptyRows` Low
CVE-2021-29565 was published for tensorflow (pip) May 21, 2021
Reference binding to null in `ParameterizedTruncatedNormal` Low
CVE-2021-29568 was published for tensorflow (pip) May 21, 2021
Reference binding to nullptr in `SdcaOptimizer` Low
CVE-2021-29572 was published for tensorflow (pip) May 21, 2021
Undefined behavior in `MaxPool3DGradGrad` Low
CVE-2021-29574 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow and undefined behavior in `FusedBatchNorm` Low
CVE-2021-29583 was published for tensorflow (pip) May 21, 2021
Null pointer dereference in TFLite's `Reshape` operator Moderate
CVE-2021-29592 was published for tensorflow (pip) May 21, 2021
Null dereference in Grappler's `TrySimplify` Low
CVE-2021-29616 was published for tensorflow (pip) May 21, 2021
ProTip! Advisories are also available from the GraphQL API