Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

378 advisories

Loading
phpMyFAQ vulnerable to improper input validation Moderate
CVE-2023-1754 was published for thorsten/phpmyfaq (Composer) Mar 31, 2023
TensorFlow Denial of Service vulnerability Moderate
CVE-2023-25661 was published for tensorflow (pip) Mar 27, 2023
dengyinlin
Moodle arbitrary file read vulnerability Moderate
CVE-2023-28330 was published for moodle/moodle (Composer) Mar 23, 2023
russh may use insecure Diffie-Hellman keys Moderate
CVE-2023-28113 was published for russh (Rust) Mar 17, 2023
Holzhaus lambdafu
fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime Moderate
CVE-2023-27483 was published for github.com/crossplane/crossplane-runtime (Go) Mar 13, 2023
phisco AdamKorcz
DavidKorczynski
Crossplane-runtime contains Improper Input Validation via Compositions Moderate
CVE-2023-27484 was published for github.com/crossplane/crossplane (Go) Mar 10, 2023
phisco AdamKorcz
DavidKorczynski
Moodle Improper Input Validation vulnerability Moderate
CVE-2021-36402 was published for moodle/moodle (Composer) Mar 7, 2023
Apache Linkis vulnerable to Exposure of Sensitive Information Moderate
CVE-2022-44644 was published for org.apache.linkis:linkis (Maven) Jan 31, 2023
github.com/openshift/apiserver-library-go Improper Input Validation vulnerability Moderate
CVE-2023-0229 was published for github.com/openshift/apiserver-library-go (Go) Jan 26, 2023
Improper Input Validation in pyload-ng Moderate
CVE-2023-0434 was published for pyload-ng (pip) Jan 22, 2023
Shopware has Improper Input Validation issue in newsletter subscription Moderate
CVE-2023-22734 was published for shopware/core (Composer) Jan 20, 2023
Shopware vulnerable to Improper Input Validation of Clearance sale in cart Moderate
CVE-2023-22730 was published for shopware/core (Composer) Jan 17, 2023
JoshuaBehrens aragon999
go-ipld-prime/codec/json may panic if asked to encode bytes Moderate
CVE-2023-22460 was published for github.com/ipld/go-ipld-prime (Go) Jan 5, 2023
hacdias
Apache Commons Net vulnerable to information leakage via malicious server Moderate
CVE-2021-37533 was published for commons-net:commons-net (Maven) Dec 3, 2022
Browsershot version 3.57.3 vulnerable to improper input validation Moderate
CVE-2022-43984 was published for spatie/browsershot (Composer) Nov 25, 2022
tdunlap607
Segfault in `CompositeTensorVariantToComponents` Moderate
CVE-2022-41909 was published for tensorflow (pip) Nov 21, 2022
`CHECK` fail via inputs in `PyFunc` Moderate
CVE-2022-41908 was published for tensorflow (pip) Nov 21, 2022
`CHECK_EQ` fail via input in `SparseMatrixNNZ` Moderate
CVE-2022-41901 was published for tensorflow (pip) Nov 21, 2022
`CHECK` fail via inputs in `SdcaOptimizer` Moderate
CVE-2022-41899 was published for tensorflow (pip) Nov 21, 2022
`CHECK` fail via inputs in `SparseFillEmptyRowsGrad` Moderate
CVE-2022-41898 was published for tensorflow (pip) Nov 21, 2022
`tf.raw_ops.Mfcc` crashes Moderate
CVE-2022-41896 was published for tensorflow (pip) Nov 21, 2022
Segfault in `tf.raw_ops.TensorListConcat` Moderate
CVE-2022-41891 was published for tensorflow (pip) Nov 21, 2022
FPE in `tf.image.generate_bounding_box_proposals` Moderate
CVE-2022-41888 was published for tensorflow (pip) Nov 21, 2022
Improper use of metav1.Duration allows for Denial of Service Moderate
CVE-2022-39272 was published for github.com/fluxcd/flux2 (Go) Oct 19, 2022
codablock
Fat Free CRM vulnerable to Remote Denial of Service via Tasks endpoint Moderate
CVE-2022-39281 was published for fat_free_crm (RubyGems) Oct 7, 2022
p-
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database