Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,968
Erlang
39
GitHub Actions
38
Go
2,616
Maven
5,000+
npm
4,255
NuGet
760
pip
4,040
Pub
12
RubyGems
953
Rust
1,050
Swift
45
Unreviewed advisories
All unreviewed
5,000+

390 advisories

Loading
async-graphql / async-graphql - @DOS GraphQL Nested Fragments overflow High
GHSA-xq3c-8gqm-v648 was published for async-graphql (Rust) Jul 29, 2022
nullswan MdotTIM
c0mp1eks
Credited to nullswan, MdotTIM, and c0mp1eks
oqs's Post-Quantum Signature scheme Rainbow level I parametersets broken High
GHSA-h864-m8vm-3xvj was published for oqs (Rust) Aug 18, 2022
`os_socketaddr` invalidly assumes the memory layout of std::net::SocketAddr High
GHSA-c439-chv8-8g2j was published for os_socketaddr (Rust) Sep 2, 2022
ckb type_id script resume may randomly fail High
GHSA-mcmr-49x3-4jqm was published for ckb (Rust) Nov 2, 2022
Double free in algorithmica High
CVE-2021-31996 was published for algorithmica (Rust) Aug 25, 2021
Double free in endian_trait High
CVE-2021-29929 was published for endian_trait (Rust) Aug 25, 2021
Double free in insert_many High
CVE-2021-29933 was published for insert_many (Rust) Aug 25, 2021
Null pointer deference in cache High
CVE-2021-25903 was published for cache (Rust) Aug 25, 2021
Memory safety violation in crayon High
CVE-2020-35889 was published for crayon (Rust) Aug 25, 2021
Double free in fil-ocl High
CVE-2021-25908 was published for fil-ocl (Rust) Aug 25, 2021
Data races in aovec High
CVE-2020-36207 was published for aovec (Rust) Aug 25, 2021
DoS Vulnerability from Upstream Actix Web Issues High
GHSA-gjrj-9rj4-pgwx was published for perseus-actix-web (Rust) Dec 15, 2021
phaleth
Credited to phaleth
Use after free in libpulse-binding High
GHSA-ghpq-vjxw-ch5w was published for libpulse-binding (Rust) Aug 25, 2021
fake-static allows converting any reference into a `'static` reference High
GHSA-8xw8-mmqv-frqq was published for fake-static (Rust) Aug 25, 2021
Free of uninitialized memory in autorand High
CVE-2020-36210 was published for autorand (Rust) Aug 25, 2021
Null pointer deference in av-data High
CVE-2021-25904 was published for av-data (Rust) Aug 25, 2021
Use of Uninitialized Resource in truetype High
CVE-2021-28030 was published for truetype (Rust) Aug 25, 2021
Remote memory exhaustion in ckb High
GHSA-48vq-8jqv-gm6f was published for ckb (Rust) Aug 25, 2021
Miner fails to get block template when a cell used as a cell dep has been destroyed. High
GHSA-v666-6w97-pcwm was published for ckb (Rust) Aug 25, 2021
Double free in basic_dsp_matrix High
CVE-2021-25906 was published for basic_dsp_matrix (Rust) Aug 25, 2021
Counter overflow in chacha20 High
CVE-2019-25005 was published for chacha20 (Rust) Aug 25, 2021
Array size is not checked in sized-chunks High
CVE-2020-25791 was published for sized-chunks (Rust) Aug 25, 2021
Memory exhaustion in asn1_der High
CVE-2019-15549 was published for asn1_der (Rust) Aug 25, 2021
Missing release of memory in sized-chunks High
CVE-2020-25794 was published for sized-chunks (Rust) Aug 25, 2021
Use-after-free in actix-http High
CVE-2020-35901 was published for actix-http (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database