Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

154 advisories

Loading
lz4-sys vulnerable to memory corruption via issue in liblz4 Critical
GHSA-9q5j-jm53-v7vr was published for lz4-sys (Rust) Sep 1, 2022
ckb: Transaction header_deps validation issue (network forking) Critical
GHSA-7fw6-6mfj-g3q2 was published for ckb (Rust) Nov 2, 2022
Generated code can read and write out of bounds in safe code Critical
GHSA-3jch-9qgp-4844 was published for flatbuffers (Rust) Jun 16, 2022
Use after free in rio Critical
CVE-2020-35876 was published for rio (Rust) Aug 25, 2021
Unaligned memory access in rand_core Critical
CVE-2020-25576 was published for rand_core (Rust) Aug 25, 2021
rillian
NULL Pointer Dereference in cbox Critical
CVE-2020-35860 was published for cbox (Rust) Aug 25, 2021
Double free in through Critical
CVE-2021-29940 was published for through (Rust) Aug 25, 2021
Unsoundness in bigint Critical
CVE-2020-35880 was published for bigint (Rust) Aug 25, 2021
Data race in internment Critical
CVE-2021-28037 was published for internment (Rust) Aug 25, 2021
Free of uninitialized memory in adtensor Critical
CVE-2021-29936 was published for adtensor (Rust) Aug 25, 2021
Out of bounds write in traitobject Critical
CVE-2020-35881 was published for traitobject (Rust) Aug 25, 2021
Process crashes when the cell used as DepGroup is not alive Critical
GHSA-45p7-c959-rgcm was published for ckb (Rust) Aug 25, 2021
Integer overflow in base64 Critical
CVE-2017-1000430 was published for base64 (Rust) Aug 25, 2021
Uninitialized memory access in outer_cgi Critical
CVE-2021-30454 was published for outer_cgi (Rust) Aug 25, 2021
Use-after-free in yottadb Critical
CVE-2021-27377 was published for yottadb (Rust) Aug 25, 2021
Double free in http Critical
CVE-2019-25009 was published for http (Rust) Aug 25, 2021
Use after free in actix-utils Critical
CVE-2020-35898 was published for actix-utils (Rust) Aug 25, 2021
traitobject is Unmaintained Critical
GHSA-pp8r-vv2j-9j5v was published for traitobject (Rust) Sep 16, 2022
typemap is Unmaintained Critical
GHSA-vfv3-9w6v-23jp was published for typemap (Rust) Sep 16, 2022
wee_alloc is Unmaintained Critical
GHSA-rc23-xxgq-x27g was published for wee_alloc (Rust) Sep 16, 2022
Delegate functions are missing `Send` bound Critical
GHSA-x4mq-m75f-mx8m was published for windows (Rust) Jun 17, 2022
KamilaBorowska
Miscomputation when performing AES encryption in rust-crypto Critical
GHSA-jp3w-3q88-34cf was published for rust-crypto (Rust) Jun 17, 2022
Use-after-free in actix-codec Critical
CVE-2020-35902 was published for actix-codec (Rust) Aug 25, 2021
Out of bounds read in simple-slab Critical
CVE-2020-35892 was published for simple-slab (Rust) Aug 25, 2021
Memory flaw in zeroize_derive Critical
CVE-2021-45706 was published for zeroize_derive (Rust) Jan 6, 2022
KamilaBorowska
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database