Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,331
Erlang
31
GitHub Actions
21
Go
2,093
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

106 advisories

Loading
Overflow in `ImageProjectiveTransformV2` Moderate
CVE-2022-41886 was published for tensorflow (pip) Nov 21, 2022
Overflow in `tf.keras.losses.poisson` Moderate
CVE-2022-41887 was published for tensorflow (pip) Nov 21, 2022
Overflow in `FusedResizeAndPadConv2D` Moderate
CVE-2022-41885 was published for tensorflow (pip) Nov 21, 2022
The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a... High Unreviewed
CVE-2014-3468 was published May 13, 2022
An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are... High Unreviewed
CVE-2017-0166 was published May 13, 2022
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local... High Unreviewed
CVE-2017-0569 was published May 13, 2022
In writeToParcel and createFromParcel of RttManager.java, there is a permission bypass due to a... High Unreviewed
CVE-2017-13289 was published May 13, 2022
process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as... Moderate Unreviewed
CVE-2017-14934 was published May 13, 2022
In jpeg, there is a possible use after free due to a logic error. This could lead to local... Moderate Unreviewed
CVE-2022-32649 was published Jan 3, 2023
In mtk-aie, there is a possible use after free due to a logic error. This could lead to local... Moderate Unreviewed
CVE-2022-32651 was published Jan 3, 2023
In mtk-isp, there is a possible use after free due to a logic error. This could lead to local... Moderate Unreviewed
CVE-2022-32650 was published Jan 3, 2023
In sensorhub, there is a possible out of bounds write due to an incorrect calculation of buffer... Moderate Unreviewed
CVE-2022-26474 was published Oct 8, 2022
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS).... High Unreviewed
CVE-2020-36475 was published May 24, 2022
Incorrect buffer size calculation in iced-x86 Critical
CVE-2021-38188 was published for iced-x86 (Rust) Aug 25, 2021
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at... Moderate Unreviewed
CVE-2022-2520 was published Sep 1, 2022
In pqframework, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed
CVE-2023-20627 was published Mar 7, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-24908 was published Mar 28, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-24907 was published Mar 28, 2023
A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All... High Unreviewed
CVE-2019-19282 was published May 24, 2022
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host... Moderate Unreviewed
CVE-2022-2873 was published Aug 23, 2022
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution... Critical Unreviewed
CVE-2023-0568 was published Feb 16, 2023
Incorrect buffer size in crossbeam-channel Moderate
CVE-2020-35904 was published for crossbeam-channel (Rust) Aug 25, 2021
An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an... Moderate Unreviewed
CVE-2019-3560 was published May 24, 2022
Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. High Unreviewed
CVE-2023-1175 was published Mar 4, 2023
Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2 Critical
CVE-2021-37404 was published for org.apache.hadoop:hadoop-common (Maven) Jun 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database