Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

57 advisories

Loading
Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow Low
CVE-2019-16778 was published for tensorflow (pip) Dec 16, 2019
Potential DoS with NumberFilter conversion to integer values. High
CVE-2020-15225 was published for django-filter (pip) Sep 28, 2020
Segfault in tf.raw_ops.ImmutableConst Low
CVE-2021-29539 was published for tensorflow (pip) May 21, 2021
Heap OOB in nested `tf.map_fn` with `RaggedTensor`s High
CVE-2021-37679 was published for tensorflow (pip) Aug 25, 2021
Crash in NMS ops caused by integer conversion to unsigned Moderate
CVE-2021-37669 was published for tensorflow (pip) Aug 25, 2021
Crash caused by integer conversion to unsigned Moderate
CVE-2021-37661 was published for tensorflow (pip) Aug 25, 2021
Bad alloc in `StringNGrams` caused by integer conversion Moderate
CVE-2021-37646 was published for tensorflow (pip) Aug 25, 2021
Integer overflow due to conversion to unsigned Moderate
CVE-2021-37645 was published for tensorflow (pip) Aug 25, 2021
Incorrect cast in anymap Critical
CVE-2021-38187 was published for anymap (Rust) Aug 25, 2021
Overflow/crash in `tf.range` Moderate
CVE-2021-41202 was published for tensorflow (pip) Nov 10, 2021
The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which... High Unreviewed
CVE-2021-32996 was published Jan 11, 2022
slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant... High Unreviewed
CVE-2022-27882 was published Mar 26, 2022
Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10... High Unreviewed
CVE-2007-4268 was published May 1, 2022
Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context... Moderate Unreviewed
CVE-2007-4988 was published May 1, 2022
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote... High Unreviewed
CVE-2008-1721 was published May 1, 2022
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the... High Unreviewed
CVE-2008-3282 was published May 1, 2022
The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and... High Unreviewed
CVE-2009-0231 was published May 2, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x... High Unreviewed
CVE-2022-27189 was published May 6, 2022
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and... High Unreviewed
CVE-2021-27478 was published May 13, 2022
An issue was discovered in the MQTT input plugin in Fluent Bit through 1.0.4. When this plugin... High Unreviewed
CVE-2019-9749 was published May 13, 2022
FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows... Moderate Unreviewed
CVE-2010-2807 was published May 13, 2022
The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka... Moderate Unreviewed
CVE-2017-17446 was published May 13, 2022
In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative... Moderate Unreviewed
CVE-2018-5251 was published May 13, 2022
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7... Moderate Unreviewed
CVE-2018-5711 was published May 13, 2022
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote... Critical Unreviewed
CVE-2016-3074 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API