Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

374 advisories

Loading
Missing validation results in undefined behavior in `QuantizedConv2D` Moderate
CVE-2022-29201 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `LSTMBlockCell` Moderate
CVE-2022-29200 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `LoadAndRemapMatrix` Moderate
CVE-2022-29199 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `SparseTensorToCSRSparseMatrix` Moderate
CVE-2022-29198 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `UnsortedSegmentJoin` Moderate
CVE-2022-29197 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `Conv3DBackpropFilterV2` Moderate
CVE-2022-29196 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `StagePeek` Moderate
CVE-2022-29195 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `DeleteSessionTensor` Moderate
CVE-2022-29194 was published for tensorflow (pip) May 24, 2022
Missing validation crashes `QuantizeAndDequantizeV4Grad` Moderate
CVE-2022-29192 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `GetSessionTensor` Moderate
CVE-2022-29191 was published for tensorflow (pip) May 24, 2022
Magento Improper input validation vulnerability Moderate
CVE-2021-28585 was published for magento/community-edition (Composer) May 24, 2022
Lack of type validation in agent related REST API in Jenkins Moderate
CVE-2021-21639 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Arbitrary file existence check in file fingerprints in Jenkins Moderate
CVE-2021-21606 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Improper Input Validation in strapi Moderate
CVE-2020-13961 was published for strapi (npm) May 24, 2022
Froxlor Information Disclosure Moderate
CVE-2020-10236 was published for froxlor/froxlor (Composer) May 24, 2022
Kubernetes ingress exposes sensitive information Moderate
CVE-2018-1002104 was published for k8s.io/ingress-nginx (Go) May 24, 2022
Kubernetes CSI Sidecar Containers Can Allow Unauthorized Data Access Moderate
CVE-2019-11255 was published for github.com/kubernetes-csi/external-provisioner (Go) May 24, 2022
Elastic APM agent for Python client CGI proxy redirection flaw Moderate
CVE-2019-7617 was published for elastic-apm (pip) May 24, 2022
Magento 2 Community Edition Information Disclosure Moderate
CVE-2019-7898 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Information Disclosure Moderate
CVE-2019-7899 was published for magento/community-edition (Composer) May 24, 2022
Moodle Private files uploaded via incoming mail processing could bypass quota restrictions Moderate
CVE-2019-10134 was published for moodle/moodle (Composer) May 24, 2022
Matrix Sydent mishandles emails Moderate
CVE-2019-11340 was published for matrix-sydent (pip) May 24, 2022
Missing validation causes `TensorSummaryV2` to crash Moderate
CVE-2022-29193 was published for tensorflow (pip) May 24, 2022
Login screen allows message spoofing if SSO is enabled Moderate
CVE-2022-24905 was published for github.com/argoproj/argo-cd (Go) May 24, 2022
openshift-origin-node Improper Input Validation vulnerability Moderate
CVE-2014-0084 was published for openshift-origin-node (RubyGems) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database