Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,339
Maven
5,000+
npm
5,000+
NuGet
880
pip
4,548
Pub
12
RubyGems
1,012
Rust
1,201
Swift
51
Unreviewed advisories
All unreviewed
5,000+

27,890 advisories

Loading
PaddlePaddle command injection in get_online_pass_interval Critical
CVE-2023-52310 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle nullptr dereference in paddle.crop Moderate
CVE-2023-52312 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle command injection in _wget_download Critical
CVE-2023-52311 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle command injection in convert_shape_compare Critical
CVE-2023-52314 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle floating point exception in paddle.argmin and paddle.argmax Moderate
CVE-2023-52313 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle heap buffer overflow in paddle.repeat_interleave High
CVE-2023-52309 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle floating point exception in paddle.lerp Moderate
CVE-2023-52306 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle stack overflow in paddle.linalg.lu_unpack High
CVE-2023-52307 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle floating point exception in paddle.amin Moderate
CVE-2023-52308 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle segfault in paddle.put_along_axis Moderate
CVE-2023-52303 was published for paddlepaddle (pip) Jan 3, 2024
PaddlePaddle segfault in paddle.mode Moderate
CVE-2023-38678 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle null pointer dereference in paddle.nextafter Moderate
CVE-2023-52302 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle floating point exception in paddle.linalg.eig Moderate
CVE-2023-38677 was published for paddlepaddle (pip) Jan 3, 2024
PaddlePaddle segfault in paddle.dot Moderate
CVE-2023-38676 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle floating point exception in paddle.linalg.matrix_rank Moderate
CVE-2023-38675 was published for PaddlePaddle (pip) Jan 3, 2024
PaddlePaddle floating point exception in paddle.nanmedian Moderate
CVE-2023-38674 was published for PaddlePaddle (pip) Jan 3, 2024
plotly.js prototype pollution vulnerability Critical
CVE-2023-46308 was published for plotly.js (Composer) Jan 3, 2024
Gila CMS SQL Injection vulnerability Low
CVE-2020-26625 was published for gilacms/gila (Composer) Jan 3, 2024
Gila CMS SQL Injection Moderate
CVE-2020-26623 was published for gilacms/gila (Composer) Jan 3, 2024
Gila CMS SQL Injection vulnerability Low
CVE-2020-26624 was published for gilacms/gila (Composer) Jan 3, 2024
Potential Actions command injection in output filenames (GHSL-2023-275) High
CVE-2023-52137 was published for tj-actions/verify-changed-files (GitHub Actions) Jan 2, 2024
jorgectf Credited to jorgectf and jsoref jsoref jsoref
tj-actions/changed-files has Potential Actions command injection in output filenames (GHSL-2023-271) High
CVE-2023-51664 was published for tj-actions/changed-files (GitHub Actions) Jan 2, 2024
jorgectf Credited to jorgectf and jsoref jsoref jsoref
Hail relies on OIDC email claims to verify the validity of a user's domain. Moderate
CVE-2023-51663 was published for hail (pip) Jan 2, 2024
OWASP.AntiSamy mXSS when preserving comments Moderate
CVE-2023-51652 was published for OWASP.AntiSamy (NuGet) Jan 2, 2024
leeN Credited to leeN and spassarop spassarop spassarop
`serde` deserialization for `FamStructWrapper` lacks bound checks that could potentially lead to out-of-bounds memory access Moderate
CVE-2023-50711 was published for vmm-sys-util (Rust) Jan 2, 2024
bchalios Credited to bchalios
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database