Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

306 advisories

Loading
Unsoundness in `Iterator` and `DoubleEndedIterator` impls for `glib::VariantStrIter` Moderate
GHSA-wrw7-89jp-8q8g was published for glib (Rust) Dec 23, 2024
Unsound usages of `u8` type casting in spl-token-swap Moderate
GHSA-h6xm-c6r4-vmwf was published for spl-token-swap (Rust) Dec 23, 2024
libafl has unsound usages of `core::slice::from_raw_parts_mut` Moderate
GHSA-f7qj-v3vp-4856 was published for libafl (Rust) Dec 23, 2024
Undefined behaviour in `kvm_ioctls::ioctls::vm::VmFd::create_device` Moderate
GHSA-3qx8-rv27-j6gp was published for kvm-ioctls (Rust) Dec 23, 2024
rage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution Moderate
GHSA-4fg7-vxc8-qx5w was published for age (Rust) Dec 18, 2024
CosmWasm VM Incorrect metering Moderate
GHSA-2q97-m5rc-p3gp was published for cosmwasm-vm (Go) Dec 10, 2024
Panic in wasmvm can slow down block production Moderate
GHSA-vmqh-5232-v43r was published for cosmwasm-vm (Go) Dec 10, 2024
`idna` accepts Punycode labels that do not produce any non-ASCII when decoded Moderate
CVE-2024-12224 was published for idna (Rust) Dec 9, 2024
Build corruption when using `PYO3_CONFIG_FILE` environment variable Moderate
GHSA-vxcf-c7mx-pg53 was published for pyo3 (Rust) Dec 5, 2024
op_panic in the base runtime can force a panic in the runtime's containing thread Moderate
GHSA-fwfx-rrv8-crpf was published for rustyscript (Rust) Dec 4, 2024
op_panic in the base runtime can force a panic in the runtime's containing thread Moderate
GHSA-4mw5-2636-4535 was published for js-sandbox (Rust) Dec 4, 2024
Unsoundness in anstream Moderate
GHSA-2rxc-gjrp-vjhx was published for anstream (Rust) Dec 4, 2024
`ruzstd` uninit and out-of-bounds memory reads Moderate
GHSA-x3f4-45xf-rjm7 was published for ruzstd (Rust) Dec 2, 2024
rustls network-reachable panic in `Acceptor::accept` Moderate
GHSA-qg5g-gv98-5ffh was published for rustls (Rust) Nov 25, 2024
SurrealDB has an Uncaught Exception Sorting Tables by Random Order Moderate
GHSA-m52v-24p8-654f was published for surrealdb (Rust) Nov 22, 2024
finnbear extrawurst
SurrealDB has an Uncaught Exception Handling Nonexistent Role Moderate
GHSA-jc55-246c-r88f was published for surrealdb (Rust) Nov 22, 2024
garyhai
SurrealDB has an Uncaught Exception in Function Generating Random Time Moderate
GHSA-h4f5-h82v-5w4r was published for surrealdb (Rust) Nov 22, 2024
Sharks has a Bias of Polynomial Coefficients in Secret Sharing Moderate
GHSA-jp37-5qhw-mffw was published for sharks (Rust) Nov 18, 2024
zlib-rs stack overflow during decompression with malicious input Moderate
GHSA-j3px-q95c-9683 was published for libz-rs-sys (Rust) Nov 14, 2024
inahga
Mimalloc Can Allocate Memory with Bad Alignment Moderate
GHSA-g23h-7vf9-xc25 was published for mimalloc (Rust) Nov 12, 2024
`simd-json-derive` vulnerable to `MaybeUninit` misuse Moderate
GHSA-pqpw-89w5-82v5 was published for simd-json-derive (Rust) Nov 12, 2024
wasm3 uncontrolled memory allocation vulnerability Moderate
CVE-2024-27529 was published for github.com/shareup/wasm-interpreter-apple (pip) Nov 9, 2024
loona-hpack Panic Vulnerability Moderate
CVE-2024-51502 was published for loona-hpack (Rust) Nov 4, 2024
sp1-recursion-gnark-ffi has insufficient range checks of BabyBear arithmetic Moderate
GHSA-f77q-r5qm-w4m8 was published for sp1-recursion-gnark-ffi (Rust) Oct 29, 2024
ProTip! Advisories are also available from the GraphQL API