Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

326 advisories

Loading
Data races in hashconsing High
CVE-2020-36215 was published for hashconsing (Rust) Aug 25, 2021
Data races in rusb High
CVE-2020-36206 was published for rusb (Rust) Aug 25, 2021
Data races in conquer-once High
CVE-2020-36208 was published for conquer-once (Rust) Aug 25, 2021
Data races in aovec High
CVE-2020-36207 was published for aovec (Rust) Aug 25, 2021
Data races in late-static High
CVE-2020-36209 was published for late-static (Rust) Aug 25, 2021
Free of uninitialized memory in autorand High
CVE-2020-36210 was published for autorand (Rust) Aug 25, 2021
Data races in gfwx High
CVE-2020-36211 was published for gfwx (Rust) Aug 25, 2021
Unexpected panic in multihash High
CVE-2020-35909 was published for multihash (Rust) Aug 25, 2021
Use-after-free in actix-http High
CVE-2020-35901 was published for actix-http (Rust) Aug 25, 2021
Insufficient size checks in ws High
CVE-2020-35896 was published for ws (Rust) Aug 25, 2021
Memory safety violation in crayon High
CVE-2020-35889 was published for crayon (Rust) Aug 25, 2021
Double free in ordnung High
CVE-2020-35891 was published for ordnung (Rust) Aug 25, 2021
Out of bounds read in ordnung High
CVE-2020-35890 was published for ordnung (Rust) Aug 25, 2021
Off-by-one error in simple-slab High
CVE-2020-35893 was published for simple-slab (Rust) Aug 25, 2021
tdunlap607
Unaligned references in Obstack High
CVE-2020-35894 was published for obstack (Rust) Aug 25, 2021
Data races in rocket High
CVE-2020-35882 was published for rocket (Rust) Aug 25, 2021
os_str_bytes relies on undefined behavior of `char::from_u32_unchecked` High
CVE-2020-35865 was published for os_str_bytes (Rust) Aug 25, 2021
Dangling reference in flatbuffers High
CVE-2020-35864 was published for flatbuffers (Rust) Aug 25, 2021
Out of bounds read in bumpalo High
CVE-2020-35861 was published for bumpalo (Rust) Aug 25, 2021
Data races in rusqlite High
CVE-2020-35871 was published for rusqlite (Rust) Aug 25, 2021
Excessive memory usage in tokio-rustls High
CVE-2020-35875 was published for tokio-rustls (Rust) Aug 25, 2021
Use after free in internment High
CVE-2020-35874 was published for internment (Rust) Aug 25, 2021
libsecp256k1 contains side-channel timing attack High
CVE-2019-25003 was published for libsecp256k1 (Rust) Aug 25, 2021
Incorrect implementation in streebog High
CVE-2019-25007 was published for streebog (Rust) Aug 25, 2021
Stack consumption in trust-dns-server High
CVE-2020-35857 was published for trust-dns-server (Rust) Aug 25, 2021
tdunlap607
ProTip! Advisories are also available from the GraphQL API