GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
74 advisories
Filter by severity
NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlow
Critical
GHSA-h6gw-r52c-724r
was published
for
tensorflow
(pip)
Feb 9, 2022
Missing validation results in undefined behavior in `SparseTensorDenseAdd
Moderate
CVE-2022-29206
was published
for
tensorflow
(pip)
May 24, 2022
Segfault due to missing support for quantized types
Moderate
CVE-2022-29205
was published
for
tensorflow
(pip)
May 24, 2022
Missing validation results in undefined behavior in `QuantizedConv2D`
Moderate
CVE-2022-29201
was published
for
tensorflow
(pip)
May 24, 2022
TensorFlow vulnerable to null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef`
Moderate
CVE-2022-36013
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to null-dereference in `mlir::tfg::TFOp::nameAttr`
Moderate
CVE-2022-36014
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to null dereference on MLIR on empty function attributes
Moderate
CVE-2022-36011
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound`
Moderate
CVE-2022-35965
was published
for
tensorflow
(pip)
Sep 16, 2022
TensorFlow vulnerable to null dereference on MLIR on empty function attributes
Moderate
CVE-2022-36000
was published
for
tensorflow
(pip)
Sep 16, 2022
Segfault via invalid attributes in `pywrap_tfe_src.cc`
Moderate
CVE-2022-41889
was published
for
tensorflow
(pip)
Nov 21, 2022
Undefined behavior in Tensorflow
Moderate
CVE-2020-15191
was published
for
tensorflow
(pip)
Sep 25, 2020
Null pointer dereference in tensorflow-lite
Moderate
CVE-2020-15209
was published
for
tensorflow
(pip)
Sep 25, 2020
Null pointer dereference in `EditDistance`
Low
CVE-2021-29564
was published
for
tensorflow
(pip)
May 21, 2021
Null dereference in Grappler's `TrySimplify`
Low
CVE-2021-29616
was published
for
tensorflow
(pip)
May 21, 2021
Undefined behavior in `MaxPool3DGradGrad`
Low
CVE-2021-29574
was published
for
tensorflow
(pip)
May 21, 2021
Reference binding to nullptr in `SdcaOptimizer`
Low
CVE-2021-29572
was published
for
tensorflow
(pip)
May 21, 2021
Null pointer dereference in `SparseFillEmptyRows`
Low
CVE-2021-29565
was published
for
tensorflow
(pip)
May 21, 2021
Reference binding to null pointer in `MatrixDiag*` ops
Low
CVE-2021-29515
was published
for
tensorflow
(pip)
May 21, 2021
Null pointer dereference in `StringNGrams`
Low
CVE-2021-29541
was published
for
tensorflow
(pip)
May 21, 2021
Invalid validation in `SparseMatrixSparseCholesky`
Low
CVE-2021-29530
was published
for
tensorflow
(pip)
May 21, 2021
Session operations in eager mode lead to null pointer dereferences
Low
CVE-2021-29518
was published
for
tensorflow
(pip)
May 21, 2021
Type confusion during tensor casts lead to dereferencing null pointers
Low
CVE-2021-29513
was published
for
tensorflow
(pip)
May 21, 2021
ProTip!
Advisories are also available from the
GraphQL API