Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,900
Maven
5,000+
npm
4,552
NuGet
786
pip
4,287
Pub
12
RubyGems
979
Rust
1,110
Swift
49
Unreviewed advisories
All unreviewed
5,000+

11,435 advisories

Loading
Multiple memory safety issues in actix-web Moderate
GHSA-w65j-g6c7-g3m4 was published for actix-web (Rust) Aug 25, 2021
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) Moderate
CVE-2021-3728 was published for grumpydictator/firefly-iii (Composer) Aug 25, 2021
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) Moderate
CVE-2021-3730 was published for grumpydictator/firefly-iii (Composer) Aug 25, 2021
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) Moderate
CVE-2021-3729 was published for grumpydictator/firefly-iii (Composer) Aug 25, 2021
XStream can cause a Denial of Service Moderate
CVE-2021-39140 was published for com.thoughtworks.xstream:xstream (Maven) Aug 25, 2021
ASP.NET Core Information Disclosure Vulnerability Moderate
CVE-2021-34532 was published for Microsoft.AspNetCore.Authentication.JwtBearer (NuGet) Aug 25, 2021
Cross site scripting via HTML attributes in the back end Moderate
CVE-2021-35955 was published for contao/contao (Composer) Aug 25, 2021
m-vo
Credited to m-vo
Floating point exception in `SparseDenseCwiseDiv` Moderate
CVE-2021-37636 was published for tensorflow (pip) Aug 25, 2021
Integer division by 0 in sparse reshaping Moderate
CVE-2021-37640 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in `RaggedGather` Moderate
CVE-2021-37641 was published for tensorflow (pip) Aug 25, 2021
Division by 0 in `ResourceScatterDiv` Moderate
CVE-2021-37642 was published for tensorflow (pip) Aug 25, 2021
`std::abort` raised from `TensorListReserve` Moderate
CVE-2021-37644 was published for tensorflow (pip) Aug 25, 2021
Integer overflow due to conversion to unsigned Moderate
CVE-2021-37645 was published for tensorflow (pip) Aug 25, 2021
Bad alloc in `StringNGrams` caused by integer conversion Moderate
CVE-2021-37646 was published for tensorflow (pip) Aug 25, 2021
Division by 0 in `ResourceGather` Moderate
CVE-2021-37653 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in `RaggedTensorToSparse` Moderate
CVE-2021-37656 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in `MatrixDiagV*` ops Moderate
CVE-2021-37657 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in `MatrixSetDiagV*` ops Moderate
CVE-2021-37658 was published for tensorflow (pip) Aug 25, 2021
Division by 0 in inplace operations Moderate
CVE-2021-37660 was published for tensorflow (pip) Aug 25, 2021
Crash caused by integer conversion to unsigned Moderate
CVE-2021-37661 was published for tensorflow (pip) Aug 25, 2021
Reference binding to nullptr in boosted trees Moderate
CVE-2021-37662 was published for tensorflow (pip) Aug 25, 2021
FPE in `tf.raw_ops.UnravelIndex` Moderate
CVE-2021-37668 was published for tensorflow (pip) Aug 25, 2021
Crash in NMS ops caused by integer conversion to unsigned Moderate
CVE-2021-37669 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in `UpperBound` and `LowerBound` Moderate
CVE-2021-37670 was published for tensorflow (pip) Aug 25, 2021
Heap OOB in `SdcaOptimizerV2` Moderate
CVE-2021-37672 was published for tensorflow (pip) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database