GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
339 advisories
Filter by severity
fake-static allows converting any reference into a `'static` reference
High
GHSA-8xw8-mmqv-frqq
was published
for
fake-static
(Rust)
Aug 25, 2021
Use after free in libpulse-binding
High
GHSA-ghpq-vjxw-ch5w
was published
for
libpulse-binding
(Rust)
Aug 25, 2021
DoS Vulnerability from Upstream Actix Web Issues
High
GHSA-gjrj-9rj4-pgwx
was published
for
perseus-actix-web
(Rust)
Dec 15, 2021
ckb type_id script resume may randomly fail
High
GHSA-mcmr-49x3-4jqm
was published
for
ckb
(Rust)
Nov 2, 2022
`os_socketaddr` invalidly assumes the memory layout of std::net::SocketAddr
High
GHSA-c439-chv8-8g2j
was published
for
os_socketaddr
(Rust)
Sep 2, 2022
oqs's Post-Quantum Signature scheme Rainbow level I parametersets broken
High
GHSA-h864-m8vm-3xvj
was published
for
oqs
(Rust)
Aug 18, 2022
async-graphql / async-graphql - @DOS GraphQL Nested Fragments overflow
High
GHSA-xq3c-8gqm-v648
was published
for
async-graphql
(Rust)
Jul 29, 2022
ProTip!
Advisories are also available from the
GraphQL API