GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
57 advisories
Filter by severity
The Mem_File_Reader::read_avail function in Data_Reader.cpp in the Game_Music_Emu library (aka...
Moderate
Unreviewed
CVE-2017-17446
was published
May 13, 2022
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function...
High
Unreviewed
CVE-2021-27219
was published
May 24, 2022
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If...
High
Unreviewed
CVE-2021-27218
was published
May 24, 2022
Overflow/crash in `tf.range`
Moderate
CVE-2021-41202
was published
for
tensorflow
(pip)
Nov 10, 2021
Crash in NMS ops caused by integer conversion to unsigned
Moderate
CVE-2021-37669
was published
for
tensorflow
(pip)
Aug 25, 2021
Crash caused by integer conversion to unsigned
Moderate
CVE-2021-37661
was published
for
tensorflow
(pip)
Aug 25, 2021
Heap OOB in nested `tf.map_fn` with `RaggedTensor`s
High
CVE-2021-37679
was published
for
tensorflow
(pip)
Aug 25, 2021
Bad alloc in `StringNGrams` caused by integer conversion
Moderate
CVE-2021-37646
was published
for
tensorflow
(pip)
Aug 25, 2021
Integer overflow due to conversion to unsigned
Moderate
CVE-2021-37645
was published
for
tensorflow
(pip)
Aug 25, 2021
Segfault in tf.raw_ops.ImmutableConst
Low
CVE-2021-29539
was published
for
tensorflow
(pip)
May 21, 2021
FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows...
Moderate
Unreviewed
CVE-2010-2807
was published
May 13, 2022
An issue was discovered in the MQTT input plugin in Fluent Bit through 1.0.4. When this plugin...
High
Unreviewed
CVE-2019-9749
was published
May 13, 2022
Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow
Low
CVE-2019-16778
was published
for
tensorflow
(pip)
Dec 16, 2019
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and...
High
Unreviewed
CVE-2021-27478
was published
May 13, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
High
Unreviewed
CVE-2022-27189
was published
May 6, 2022
An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux...
Moderate
Unreviewed
CVE-2020-28588
was published
May 24, 2022
An exploitable signed conversion vulnerability exists in the TextMaker document parsing...
High
Unreviewed
CVE-2020-13545
was published
May 24, 2022
An issue was discovered in OpenPOWER 2.6 firmware. unpack_timestamp() calls le32_to_cpu() for...
Critical
Unreviewed
CVE-2021-36357
was published
May 24, 2022
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality...
High
Unreviewed
CVE-2021-21861
was published
May 24, 2022
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality...
High
Unreviewed
CVE-2021-21860
was published
May 24, 2022
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer...
High
Unreviewed
CVE-2021-32461
was published
May 24, 2022
Due to unexpected data type conversions, a use-after-free could have occurred when interacting...
High
Unreviewed
CVE-2021-23997
was published
May 24, 2022
lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a...
High
Unreviewed
CVE-2019-19317
was published
May 24, 2022
Besu VM vulnerable to gas allocation error in CALL operations
Critical
CVE-2022-36025
was published
for
org.hyperledger.besu:evm
(Maven)
Sep 23, 2022
ProTip!
Advisories are also available from the
GraphQL API