这是indexloc提供的服务,不要输入任何密码
Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,811
Erlang
36
GitHub Actions
32
Go
2,396
Maven
5,000+
npm
4,033
NuGet
721
pip
3,824
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

23,264 advisories

Loading
TensorFlow vulnerable to `CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs` Low
CVE-2022-36016 was published for tensorflow (pip) Sep 16, 2022
Elrond-go has improper initialization Critical
CVE-2022-36061 was published for github.com/ElrondNetwork/elrond-go (Go) Sep 16, 2022
TensorFlow vulnerable to null-dereference in `mlir::tfg::TFOp::nameAttr` Moderate
CVE-2022-36014 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to integer overflow in math ops Low
CVE-2022-36015 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to assertion fail on MLIR empty edge names Moderate
CVE-2022-36012 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `DenseBincount` Moderate
CVE-2022-35987 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` failure in `AvgPoolOp` Moderate
CVE-2022-35941 was published for tensorflow (pip) Sep 16, 2022
Parse Server vulnerable to brute force guessing of user sensitive data via search patterns High
CVE-2022-36079 was published for parse-server (npm) Sep 16, 2022
s00py
TensorFlow vulnerable to `CHECK` fail in `QuantizeAndDequantizeV3` Moderate
CVE-2022-36026 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `RaggedTensorToVariant` Moderate
CVE-2022-36018 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannel` Moderate
CVE-2022-36019 was published for tensorflow (pip) Sep 16, 2022
`cell-project` used incorrect variance when projecting through `&Cell<T>` Moderate
GHSA-p75v-367r-2v23 was published for cell-project (Rust) Sep 16, 2022
TensorFlow segfault TFLite converter on per-channel quantized transposed convolutions Moderate
CVE-2022-36027 was published for tensorflow (pip) Sep 16, 2022
SFTPGo vulnerable to recovery codes abuse High
CVE-2022-36071 was published for github.com/drakkan/sftpgo/v2 (Go) Sep 16, 2022
XWiki Cross-Site Request Forgery (CSRF) for actions on tags Moderate
CVE-2022-36095 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Sep 16, 2022
TensorFlow vulnerable to OOB write in `scatter_nd` in TF Lite High
CVE-2022-35939 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to OOB read in `Gather_nd` in TF Lite High
CVE-2022-35937 was published for tensorflow (pip) Sep 16, 2022
mozjpeg DecompressScanlines::read_scanlines is Unsound High
GHSA-v8gq-5grq-9728 was published for mozjpeg (Rust) Sep 16, 2022
ansi_term is Unmaintained Low
GHSA-74w3-p89x-ffgh was published for ansi_term (Rust) Sep 16, 2022 withdrawn
kornelski Emilgardis
Shopware contains sensitive data in backend customer module Moderate
CVE-2022-36101 was published for shopware/shopware (Composer) Sep 16, 2022
OAuthLib vulnerable to DoS when attacker provides malicious IPV6 URI Moderate
CVE-2022-36087 was published for oauthlib (pip) Sep 16, 2022
SCH227 loljawn
Shopware access control list bypassed via crafted specific URLs Moderate
CVE-2022-36102 was published for shopware/shopware (Composer) Sep 16, 2022
Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions Moderate
CVE-2022-36109 was published for github.com/docker/docker (Go) Sep 16, 2022
sjmurdoch neersighted
anonymous-nlp-student
Go-CVSS has Out-of-bounds Read vulnerability in ParseVector function High
CVE-2022-39213 was published for github.com/pandatix/go-cvss (Go) Sep 16, 2022
TensorFlow vulnerable to `CHECK` failure in tf.reshape via overflows Moderate
CVE-2022-35934 was published for tensorflow (pip) Sep 16, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database