Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

261 advisories

Loading
Use after free in actix-service Moderate
CVE-2020-35899 was published for actix-service (Rust) Aug 25, 2021
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr Moderate
CVE-2020-35886 was published for arr (Rust) Aug 25, 2021
HTTP Request smuggling in tiny_http Moderate
CVE-2020-35884 was published for tiny_http (Rust) Aug 25, 2021
Uninitialized memory exposure in claxon Moderate
CVE-2018-20992 was published for claxon (Rust) Aug 25, 2021
Source code is downloaded over cleartext HTTP in portaudio Moderate
CVE-2016-10933 was published for portaudio (Rust) Aug 25, 2021
HTTPS MitM vulnerability due to lack of hostname verification Moderate
CVE-2016-10932 was published for hyper (Rust) Aug 25, 2021
tdunlap607
Headers containing newline characters can split messages in hyper Moderate
CVE-2017-18587 was published for hyper (Rust) Aug 25, 2021
Improper Certificate Validation in security-framework Moderate
CVE-2017-18588 was published for security-framework (Rust) Aug 25, 2021
Multiple memory safety issues in actix-web Moderate
GHSA-w65j-g6c7-g3m4 was published for actix-web (Rust) Aug 25, 2021
VecStorage Deserialize Allows Violation of Length Invariant Moderate
GHSA-h3mf-4fwp-59c7 was published for nalgebra (Rust) Aug 5, 2021 withdrawn
Integer Overflow in Chunked Transfer-Encoding Moderate
CVE-2021-32714 was published for hyper (Rust) Jul 12, 2021
mattiasgrenfeldt asta12
ProTip! Advisories are also available from the GraphQL API