GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,776
Maven
5,000+
npm
3,542
NuGet
617
pip
3,125
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+
52 advisories
Filter by severity
Null pointer dereference in TensorFlow leads to exploitation
Moderate
CVE-2018-7576
was published
for
tensorflow
(pip)
Apr 24, 2019
NULL Pointer Dereference in Kubernetes CSI snapshot-controller
Moderate
CVE-2020-8569
was published
for
github.com/kubernetes-csi/external-snapshotter/v2
(Go)
Feb 15, 2022
Missing validation results in undefined behavior in `SparseTensorDenseAdd
Moderate
CVE-2022-29206
was published
for
tensorflow
(pip)
May 24, 2022
Segfault due to missing support for quantized types
Moderate
CVE-2022-29205
was published
for
tensorflow
(pip)
May 24, 2022
Missing validation results in undefined behavior in `QuantizedConv2D`
Moderate
CVE-2022-29201
was published
for
tensorflow
(pip)
May 24, 2022
CloudCore UDS Server: Malicious Message can crash CloudCore
Moderate
CVE-2022-31076
was published
for
github.com/kubeedge/kubeedge
(Go)
Jun 25, 2022
CloudCore CSI Driver: Malicious response from KubeEdge can crash CSI Driver controller server
Moderate
CVE-2022-31077
was published
for
github.com/kubeedge/kubeedge
(Go)
Jun 25, 2022
TensorFlow vulnerable to null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef`
Moderate
CVE-2022-36013
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to null dereference on MLIR on empty function attributes
Moderate
CVE-2022-36011
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to null-dereference in `mlir::tfg::TFOp::nameAttr`
Moderate
CVE-2022-36014
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound`
Moderate
CVE-2022-35965
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to null dereference on MLIR on empty function attributes
Moderate
CVE-2022-36000
was published
for
tensorflow
(pip)
Sep 16, 2022
NULL Pointer Dereference in Google TensorFlow
Moderate
CVE-2019-9635
was published
for
tensorflow
(pip)
Apr 30, 2019
Segfault via invalid attributes in `pywrap_tfe_src.cc`
Moderate
CVE-2022-41889
was published
for
tensorflow
(pip)
Nov 21, 2022
Undefined behavior in Tensorflow
Moderate
CVE-2020-15191
was published
for
tensorflow
(pip)
Sep 25, 2020
Null pointer dereference in tensorflow-lite
Moderate
CVE-2020-15209
was published
for
tensorflow
(pip)
Sep 25, 2020
Null pointer dereference in TFLite's `Reshape` operator
Moderate
CVE-2021-29592
was published
for
tensorflow
(pip)
May 21, 2021
Null pointer exception in `DeserializeSparse`
Moderate
CVE-2021-41215
was published
for
tensorflow
(pip)
Nov 10, 2021
Null pointer exception when `Exit` node is not preceded by `Enter` op
Moderate
CVE-2021-41217
was published
for
tensorflow
(pip)
Nov 10, 2021
Null-dereference in Tensorflow
Moderate
CVE-2022-23570
was published
for
tensorflow
(pip)
Feb 9, 2022
Null-dereference in Tensorflow
Moderate
CVE-2022-23577
was published
for
tensorflow
(pip)
Feb 10, 2022
Null pointer dereference in Grappler's `IsConstant`
Moderate
CVE-2022-23589
was published
for
tensorflow
(pip)
Feb 9, 2022
Null pointer dereference in TensorFlow
Moderate
CVE-2022-21739
was published
for
tensorflow
(pip)
Feb 9, 2022
ProTip!
Advisories are also available from the
GraphQL API