Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

872 advisories

Loading
Nervos CKB Snappy decompress length can be very large and causes out of memory error High
GHSA-3gjh-29fv-8hr6 was published for ckb (Rust) Feb 3, 2024
quake
Nervos CKB Panic on malformed input High
GHSA-wjxc-pjx9-4wvm was published for ckb (Rust) Feb 3, 2024
quake
Nervos CKB node panics when processing a block which parent timestamp is too new High
GHSA-hjqq-29pw-96wj was published for ckb (Rust) Feb 2, 2024
Nervos CKB BlockTimeTooNew should not be considered as invalid block Moderate
GHSA-r9rv-9mh8-pxf4 was published for ckb (Rust) Feb 2, 2024
Nervos CKB DoS: Process exists when p2p discovery protocol receives unsupported peer IP Low
GHSA-pr39-8257-fxc2 was published for ckb (Rust) Feb 2, 2024
Nervos CKB P2P DoS Attacks Critical
GHSA-84x2-2qv6-qg56 was published for ckb (Rust) Feb 2, 2024
Nervos CKB Unaligned Pointer Dereference Moderate
GHSA-q669-2vfg-cxcg was published for ckb (Rust) Feb 2, 2024
wasmtime_trap_code C API function has out of bounds write vulnerability Low
CVE-2022-39394 was published for wasmtime (Rust) Feb 1, 2024
kpreisser
Memory over-allocation in evm crate Moderate
CVE-2021-29511 was published for evm (Rust) Jan 30, 2024
Any authenticated user may obtain private message details from other users on the same instance High
CVE-2024-23649 was published for lemmy_server (Rust) Jan 24, 2024
Nothing4You
Unauthenticated Nonce Increment in snow Moderate
GHSA-7g9j-g5jg-3vv3 was published for snow (Rust) Jan 24, 2024
Use-after-free when setting the locale Moderate
GHSA-c8v3-jhv9-4ppc was published for rust-i18n-support (Rust) Jan 23, 2024
Unsound sending of non-Send types across threads in threadalone Moderate
GHSA-w59h-378f-2frm was published for threadalone (Rust) Jan 23, 2024
Multiple issues involving quote API in shlex High
GHSA-r7qv-8r2h-pg27 was published for shlex (Rust) Jan 22, 2024
SurrealDB vulnerable to Uncontrolled CPU Consumption via WebSocket Interface High
GHSA-58j9-j2fj-v8f4 was published for surrealdb (Rust) Jan 19, 2024
Resource exhaustion vulnerability in h2 may lead to Denial of Service (DoS) Moderate
GHSA-8r5v-vm4m-4g25 was published for h2 (Rust) Jan 19, 2024
Uncontrolled Recursion in SurrealQL Parsing Moderate
GHSA-6r8p-hpg7-825g was published for surrealdb (Rust) Jan 18, 2024
Uncaught Exception processing HTTP Headers in SurrealDB High
GHSA-m24x-r6q3-2vp9 was published for surrealdb (Rust) Jan 18, 2024
Tu0Laj1
Uncaught Exception in surrealdb Moderate
GHSA-jm4v-58r5-66hj was published for surrealdb (Rust) Jan 18, 2024
Tu0Laj1 jabis
use-after-free in tracing Moderate
GHSA-8f24-6m29-wm2r was published for tracing (Rust) Jan 17, 2024
ferris-says has undefined behavior when not using UTF-8 Low
GHSA-v363-rrf2-5fmj was published for ferris-says (Rust) Jan 17, 2024
CL-Signatures Revocation Scheme in Ursa has flaws that allow a holder to demonstrate non-revocation of a revoked credential Moderate
CVE-2024-21670 was published for anoncreds-clsignatures (Rust) Jan 16, 2024
Ursa CL-Signatures Revocation allows verifiers to generate unique identifiers for holders Moderate
CVE-2024-22192 was published for anoncreds-clsignatures (Rust) Jan 16, 2024
Breaking unlinkability in Identity Mixer using malicious keys Low
CVE-2022-31021 was published for anoncreds-clsignatures (Rust) Jan 16, 2024
ProTip! Advisories are also available from the GraphQL API