GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
95 advisories
Filter by severity
Moderate severity vulnerability that affects mailman
Moderate
CVE-2018-13796
was published
for
mailman
(pip)
Sep 11, 2018
Improper Input Validation in ansible
Moderate
CVE-2016-8647
was published
for
ansible
(pip)
Oct 10, 2018
Denial of Service in Tensorflow
Moderate
CVE-2020-15194
was published
for
tensorflow
(pip)
Sep 25, 2020
Undefined behavior in Tensorflow
Moderate
CVE-2020-15191
was published
for
tensorflow
(pip)
Sep 25, 2020
Denial of Service in Tensorflow
Moderate
CVE-2020-15197
was published
for
tensorflow
(pip)
Sep 25, 2020
Heap buffer overflow in Tensorflow
Moderate
CVE-2020-15201
was published
for
tensorflow
(pip)
Sep 25, 2020
CHECK-fail in LSTM with zero-length input in TensorFlow
Moderate
CVE-2020-26270
was published
for
tensorflow
(pip)
Dec 10, 2020
Cross-site Scripting (XSS) in Django REST Framework
Moderate
CVE-2020-25626
was published
for
djangorestframework
(pip)
Mar 19, 2021
Denial of service (via resource exhaustion) due to improper input validation on groups/communities endpoints
Moderate
CVE-2021-21393
was published
for
matrix-synapse
(pip)
Apr 13, 2021
Denial of service (via resource exhaustion) due to improper input validation on third-party identifier endpoints
Moderate
CVE-2021-21394
was published
for
matrix-synapse
(pip)
Apr 13, 2021
Sydent DoS (via resource exhaustion) due to improper input validation
Moderate
CVE-2021-29433
was published
for
matrix-sydent
(pip)
Apr 16, 2021
SSRF in Sydent due to missing validation of hostnames
Moderate
CVE-2021-29431
was published
for
matrix-sydent
(pip)
Apr 19, 2021
Malicious users could abuse Sydent to control the content of invitation emails
Moderate
CVE-2021-29432
was published
for
matrix-sydent
(pip)
Apr 19, 2021
Segfault on strings tensors with mistmatched dimensions, due to Go code
Moderate
CVE-2021-37692
was published
for
tensorflow
(pip)
Aug 25, 2021
Missing validation in shape inference for `Dequantize`
Moderate
CVE-2021-37677
was published
for
tensorflow
(pip)
Aug 25, 2021
Incomplete validation in `MaxPoolGrad`
Moderate
CVE-2021-37674
was published
for
tensorflow
(pip)
Aug 25, 2021
Improper Input Validation in OpenCV
Moderate
CVE-2016-1517
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Username spoofing in OnionShare
Moderate
CVE-2022-21696
was published
for
onionshare-cli
(pip)
Jan 21, 2022
ProTip!
Advisories are also available from the
GraphQL API