Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

55 advisories

Loading
Uninitialized memory access in TensorFlow Low
CVE-2020-26266 was published for tensorflow (pip) Dec 10, 2020
Heap out of bounds access in MakeEdge in TensorFlow Low
CVE-2020-26271 was published for tensorflow (pip) Dec 10, 2020
Free of uninitialized memory in adtensor Critical
CVE-2021-29936 was published for adtensor (Rust) Aug 25, 2021
Free of uninitialized memory in autorand High
CVE-2020-36210 was published for autorand (Rust) Aug 25, 2021
Use of Uninitialized Resource in truetype High
CVE-2021-28030 was published for truetype (Rust) Aug 25, 2021
Compiler optimisation leads to SEGFAULT Moderate
GHSA-r6ff-2q3c-v3pv was published for pnet (Rust) Aug 25, 2021
Segfault due to missing support for quantized types Moderate
CVE-2022-29205 was published for tensorflow (pip) May 24, 2022
Memory corruption in Tensorflow High
CVE-2020-15193 was published for tensorflow (pip) Sep 25, 2020
Undefined behavior and `CHECK`-fail in `FractionalMaxPoolGrad` Low
CVE-2021-29580 was published for tensorflow (pip) May 21, 2021
Segfault in `CTCBeamSearchDecoder` Low
CVE-2021-29581 was published for tensorflow (pip) May 21, 2021
Use of Uninitialized Resource in libp2p-deflate Critical
CVE-2020-36443 was published for libp2p-deflate (Rust) Aug 25, 2021
Memory corruption in array-tools Critical
CVE-2020-36452 was published for array-tools (Rust) Aug 25, 2021
Uninitialized memory use in generator High
CVE-2019-16144 was published for generator (Rust) Aug 25, 2021
Use of Uninitialized Resource in alg_ds Critical
CVE-2020-36432 was published for alg_ds (Rust) Aug 25, 2021
A use of uninitialized value vulnerability in Tensorflow Moderate
CVE-2021-41225 was published for tensorflow (pip) Nov 10, 2021
Uninitialized variable access in Tensorflow High
CVE-2022-23573 was published for tensorflow (pip) Feb 9, 2022
Free of uninitialized memory in telemetry Critical
CVE-2021-29937 was published for telemetry (Rust) Aug 25, 2021
Deserializing an array can free uninitialized memory in byte_struct Critical
CVE-2021-28033 was published for byte_struct (Rust) Aug 25, 2021
tdunlap607
Out of bounds read in bra Critical
CVE-2021-25905 was published for bra (Rust) Aug 25, 2021
tdunlap607
Read of uninitialized memory in cdr Critical
CVE-2021-26305 was published for cdr (Rust) Aug 25, 2021
tdunlap607
Use of Uninitialized Variable in trilogy Moderate
CVE-2022-31026 was published for trilogy (RubyGems) Jun 6, 2022
Uninitialized read in Nokogiri gem High
CVE-2019-13117 was published for nokogiri (RubyGems) May 24, 2022
Use of Uninitialized Resource in ash. Critical
CVE-2021-45688 was published for ash (Rust) Jan 6, 2022
tdunlap607
Use of Uninitialized Resource in acc_reader. Critical
CVE-2020-36514 was published for acc_reader (Rust) Jan 6, 2022
Use of Uninitialized Resource in bite. High
CVE-2020-36511 was published for bite (Rust) Jan 6, 2022
ProTip! Advisories are also available from the GraphQL API