Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

339 advisories

Loading
webpki: CPU denial of service in certificate path building High
GHSA-8qv2-5vq6-g2g7 was published for webpki (Rust) Aug 25, 2023
nipunn1313 phil-opp
Use of Uninitialized Resource in smallvec High
CVE-2018-25023 was published for smallvec (Rust) Jan 6, 2022
tdunlap607
Missing "--allow-net" permission check for built-in Node modules High
CVE-2023-33966 was published for deno (Rust) May 31, 2023
sylc
Improper handling of NTS cookie length that could crash the ntpd-rs server High
CVE-2023-33192 was published for ntpd (Rust) May 25, 2023
mlichvar
Denial of Service issue in quinn-proto High
CVE-2023-42805 was published for quinn-proto (Rust) Sep 21, 2023
QUICTester
twitch-tui's connection is not encrypted High
CVE-2023-38688 was published for twitch-tui (Rust) Jul 31, 2023
Roger
Apollo Router vulnerable to Improper Check or Handling of Exceptional Conditions High
CVE-2023-45812 was published for apollo-router (Rust) Oct 19, 2023
garypen BrynCooke
BryanBarron jasonbarnett667 shorgi
zola Path Traversal vulnerability High
CVE-2023-40274 was published for zola (Rust) Aug 14, 2023
lol-html panics on certain HTML inputs High
CVE-2023-4241 was published for lol-html (Rust) Aug 9, 2023
Invalid handling of `X509_verify_cert()` internal errors in libssl High
CVE-2021-4044 was published for openssl-src (Rust) Dec 15, 2021
pinkforest
Double free in glsl-layout High
CVE-2021-25902 was published for glsl-layout (Rust) Aug 25, 2021
phonenumber panics on parsing crafted RFC3966 inputs High
CVE-2023-42444 was published for phonenumber (Rust) Sep 21, 2023
sno2 gferon
Incorrect implementation of the Streebog hash functions in streebog High
CVE-2019-25006 was published for streebog (Rust) Aug 25, 2021
Incorrect implementation in streebog High
CVE-2019-25007 was published for streebog (Rust) Aug 25, 2021
urlnorm vulnerable to Regular Expression Denial of Service High
CVE-2023-33289 was published for urlnorm (Rust) Jun 21, 2023
xml-rs vulnerable to denial of service via invalid token in XML document High
CVE-2023-34411 was published for xml-rs (Rust) Jun 5, 2023
00xc
Cargo not respecting umask when extracting crate archives High
CVE-2023-38497 was published for cargo (Rust) Aug 3, 2023
addisoncrump pietroalbini
weihanglo ehuss cuviper Manishearth
blurhash panics on parsing crafted inputs High
CVE-2023-42447 was published for blurhash (Rust) Sep 21, 2023
rubdos
Insufficient covariance check makes self_cell unsound High
GHSA-48m6-wm5p-rr6h was published for self_cell (Rust) Nov 14, 2023
Stack consumption in trust-dns-server High
CVE-2020-35857 was published for trust-dns-server (Rust) Aug 25, 2021
tdunlap607
Candid infinite decoding loop through specially crafted payload High
CVE-2023-6245 was published for candid (Rust) Dec 8, 2023
venkkatesh-sekar chenyan-dfinity
Full Table Permissions by Default High
GHSA-x5fr-7hhj-34j3 was published for surrealdb (Rust) Dec 15, 2023
LucyEgan
Remotely exploitable denial of service in Rosenpass High
GHSA-6ggr-cwv4-g7qg was published for rosenpass (Rust) Dec 21, 2023
Tauri's Updater Private Keys Possibly Leaked via Vite Environment Variables High
CVE-2023-46115 was published for @tauri-apps/cli (npm) Oct 20, 2023
Wasmer filesystem sandbox not enforced High
CVE-2023-51661 was published for wasmer-cli (Rust) Dec 13, 2023
yagehu
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database