GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
339 advisories
Filter by severity
Russh has an OOM Denial of Service due to allocation of untrusted amount
High
CVE-2024-43410
was published
for
russh
(Rust)
Aug 14, 2024
Diesel vulnerable to Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts
High
GHSA-wq9x-qwcq-mmgf
was published
for
diesel
(Rust)
Aug 23, 2024
Apollo Router Coprocessors may cause Denial-of-Service when handling request bodies
High
CVE-2024-43783
was published
for
apollo-router
(Rust)
Aug 27, 2024
Cargo prior to Rust 1.26.0 may download the wrong dependency
High
CVE-2019-16760
was published
for
cargo
(Rust)
May 24, 2022
olm-sys: wrapped library unmaintained, potentially vulnerable
High
GHSA-p2q9-36vw-c468
was published
for
olm-sys
(Rust)
Sep 3, 2024
Missing connection timeout in Aardvark-dns
High
CVE-2024-8418
was published
for
aardvark-dns
(Rust)
Sep 4, 2024
panic on parsing crafted phonenumber inputs
High
CVE-2024-39697
was published
for
phonenumber
(Rust)
Jul 9, 2024
ic-cdk has a memory leak when calling a canister method via `ic_cdk::call`
High
CVE-2024-7884
was published
for
ic_cdk
(Rust)
Sep 5, 2024
Denial of service in quinn-proto when using `Endpoint::retry()`
High
CVE-2024-45311
was published
for
quinn-proto
(Rust)
Sep 3, 2024
BER/CER/DER decoder panics on invalid input
High
CVE-2023-39914
was published
for
bcder
(Rust)
Sep 13, 2023
Untrusted Query Object Evaluation in RPC API
High
GHSA-64f8-pjgr-9wmr
was published
for
surrealdb
(Rust)
Sep 11, 2024
Pleaser privilege escalation vulnerability
High
CVE-2023-46277
was published
for
pleaser
(Rust)
Oct 20, 2023
Apollo Query Planner and Apollo Gateway may infinitely loop on sufficiently complex queries
High
CVE-2024-43414
was published
for
@apollo/gateway
(npm)
Aug 27, 2024
Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands
High
CVE-2024-41815
was published
for
starship
(Rust)
Jul 26, 2024
ProTip!
Advisories are also available from the
GraphQL API