Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

339 advisories

Loading
X.509 Email Address Variable Length Buffer Overflow High
CVE-2022-3786 was published for openssl-src (Rust) Nov 1, 2022
Wasmtime may have data leakage between instances in the pooling allocator High
CVE-2022-39393 was published for wasmtime (Rust) Nov 10, 2022
alexcrichton
Use After Free in lucet High
CVE-2021-43790 was published for lucet-runtime (Rust) Nov 30, 2021
iximeow acfoltzer
cratelyn aturon alexcrichton aggarwaa
Improper sanitization of target names High
CVE-2021-41149 was published for tough (Rust) Oct 19, 2021
coreos-installer improperly verifies GPG signature when decompressing gzipped artifact High
CVE-2021-20319 was published for coreos-installer (Rust) Oct 12, 2021
raballew bgilbert
Specification non-compliance in JUMPI High
CVE-2021-41153 was published for evm (Rust) Oct 19, 2021
Use after free in generic-array High
CVE-2020-36465 was published for generic-array (Rust) Aug 25, 2021
Data races in bunch High
CVE-2020-36450 was published for bunch (Rust) Aug 25, 2021
Unaligned memory allocation in chunky High
CVE-2020-36433 was published for chunky (Rust) Aug 25, 2021
Data races in scottqueue High
CVE-2020-36453 was published for scottqueue (Rust) Aug 25, 2021
Memory exhaustion in routinator High
CVE-2021-43174 was published for routinator (Rust) Nov 11, 2021
Improper sanitization of delegated role names High
CVE-2021-41150 was published for tough (Rust) Oct 19, 2021
Remote code execution in better-macro High
CVE-2021-38196 was published for better-macro (Rust) Aug 25, 2021
Use after free in heapless High
CVE-2020-36464 was published for heapless (Rust) Aug 25, 2021
Format string vulnerabilities in pancurses High
CVE-2019-15546 was published for pancurses (Rust) Aug 25, 2021
Uninitialized memory use in generator High
CVE-2019-16144 was published for generator (Rust) Aug 25, 2021
Data races in lexer High
CVE-2020-36458 was published for lexer (Rust) Aug 25, 2021
Data races in rcu_cell High
CVE-2020-36451 was published for rcu_cell (Rust) Aug 25, 2021
Data races in cache High
CVE-2020-36448 was published for cache (Rust) Aug 25, 2021
Uncontrolled Resource Consumption in parse_duration High
CVE-2021-29932 was published for parse_duration (Rust) Aug 25, 2021
Data races in dces High
CVE-2020-36459 was published for dces (Rust) Aug 25, 2021
Command injection in kekbit High
CVE-2020-36449 was published for kekbit (Rust) Aug 25, 2021
Data races in toolshed High
CVE-2020-36456 was published for toolshed (Rust) Aug 25, 2021
Data races in model High
CVE-2020-36460 was published for model (Rust) Aug 25, 2021
Apache Avro Rust SDK vulnerable to reader looping in cycle endlessly, consuming CPU High
CVE-2022-35724 was published for apache-avro (Rust) Aug 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database