Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,776
Maven
5,000+
npm
3,542
NuGet
617
pip
3,125
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

52 advisories

Loading
Null pointer dereference in TensorFlow leads to exploitation Moderate
CVE-2018-7576 was published for tensorflow (pip) Apr 24, 2019
NULL Pointer Dereference in Kubernetes CSI snapshot-controller Moderate
CVE-2020-8569 was published for github.com/kubernetes-csi/external-snapshotter/v2 (Go) Feb 15, 2022
Missing validation results in undefined behavior in `SparseTensorDenseAdd Moderate
CVE-2022-29206 was published for tensorflow (pip) May 24, 2022
Segfault due to missing support for quantized types Moderate
CVE-2022-29205 was published for tensorflow (pip) May 24, 2022
Missing validation results in undefined behavior in `QuantizedConv2D` Moderate
CVE-2022-29201 was published for tensorflow (pip) May 24, 2022
CloudCore UDS Server: Malicious Message can crash CloudCore Moderate
CVE-2022-31076 was published for github.com/kubeedge/kubeedge (Go) Jun 25, 2022
DavidKorczynski AdamKorcz
CloudCore CSI Driver: Malicious response from KubeEdge can crash CSI Driver controller server Moderate
CVE-2022-31077 was published for github.com/kubeedge/kubeedge (Go) Jun 25, 2022
DavidKorczynski AdamKorcz
TensorFlow vulnerable to null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef` Moderate
CVE-2022-36013 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to null dereference on MLIR on empty function attributes Moderate
CVE-2022-36011 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to null-dereference in `mlir::tfg::TFOp::nameAttr` Moderate
CVE-2022-36014 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound` Moderate
CVE-2022-35965 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to null dereference on MLIR on empty function attributes Moderate
CVE-2022-36000 was published for tensorflow (pip) Sep 16, 2022
NULL Pointer Dereference in Google TensorFlow Moderate
CVE-2019-9635 was published for tensorflow (pip) Apr 30, 2019
Segfault via invalid attributes in `pywrap_tfe_src.cc` Moderate
CVE-2022-41889 was published for tensorflow (pip) Nov 21, 2022
Segfault in Tensorflow Moderate
CVE-2020-15190 was published for tensorflow (pip) Sep 25, 2020
Undefined behavior in Tensorflow Moderate
CVE-2020-15191 was published for tensorflow (pip) Sep 25, 2020
Segfault in Tensorflow Moderate
CVE-2020-15204 was published for tensorflow (pip) Sep 25, 2020
Null pointer dereference in tensorflow-lite Moderate
CVE-2020-15209 was published for tensorflow (pip) Sep 25, 2020
Null pointer dereference in TFLite's `Reshape` operator Moderate
CVE-2021-29592 was published for tensorflow (pip) May 21, 2021
Null pointer exception in `DeserializeSparse` Moderate
CVE-2021-41215 was published for tensorflow (pip) Nov 10, 2021
Null pointer exception when `Exit` node is not preceded by `Enter` op Moderate
CVE-2021-41217 was published for tensorflow (pip) Nov 10, 2021
Null-dereference in Tensorflow Moderate
CVE-2022-23570 was published for tensorflow (pip) Feb 9, 2022
Null-dereference in Tensorflow Moderate
CVE-2022-23577 was published for tensorflow (pip) Feb 10, 2022
Null pointer dereference in Grappler's `IsConstant` Moderate
CVE-2022-23589 was published for tensorflow (pip) Feb 9, 2022
Null pointer dereference in TensorFlow Moderate
CVE-2022-21739 was published for tensorflow (pip) Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API