Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

153 advisories

Loading
Type confusion if __private_get_type_id__ is overriden Critical
CVE-2020-25575 was published for failure (Rust) Jun 16, 2022
michaelkedar
SM2 Decryption Buffer Overflow Critical
CVE-2021-3711 was published for openssl-src (Rust) May 24, 2022
another-rex
Fix a use-after-free bug in diesels Sqlite backend Critical
CVE-2021-28305 was published for diesel (Rust) May 24, 2022
move_elements can double-free objects on panic Critical
CVE-2021-28031 was published for scratchpad (Rust) May 24, 2022
Loading a bgzip block can write out of bounds if size overflows. Critical
CVE-2021-28027 was published for bam (Rust) May 24, 2022
Buffer overflow in SmallVec::insert_many Critical
CVE-2021-25900 was published for smallvec (Rust) May 24, 2022
tdunlap607
Incorrect Calculation in solana_rbpf Critical
CVE-2022-23066 was published for solana_rbpf (Rust) May 10, 2022
Insecure temporary file usage in SWHKD Critical
CVE-2022-27818 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 8, 2022
J3rry-1729
Insecure Temporary File in SWHKD Critical
CVE-2022-27815 was published for Simple-Wayland-HotKey-Daemon (Rust) Mar 31, 2022
Shinyzenith
Sandbox bypass leading to arbitrary code execution in Deno Critical
CVE-2022-24783 was published for deno (Rust) Mar 29, 2022
DjDeveloperr andreubotella
aapoalas lucacasonato tdunlap607
Buffer Overflow in galois_2p8 Critical
CVE-2022-24988 was published for galois_2p8 (Rust) Feb 15, 2022
Out-of-bounds Write in actix-web Critical
CVE-2018-25024 was published for actix-web (Rust) Jan 6, 2022
Out-of-bounds Write in actix-web Critical
CVE-2018-25026 was published for actix-web (Rust) Jan 6, 2022
Out-of-bounds Write in actix-web Critical
CVE-2018-25025 was published for actix-web (Rust) Jan 6, 2022
Use of Uninitialized Resource in flumedb. Critical
CVE-2021-45684 was published for flumedb (Rust) Jan 6, 2022
J3rry-1729
Use of Uninitialized Resource in acc_reader. Critical
CVE-2020-36513 was published for acc_reader (Rust) Jan 6, 2022
Use of Uninitialized Resource in acc_reader. Critical
CVE-2020-36514 was published for acc_reader (Rust) Jan 6, 2022
Use of Uninitialized Resource in buffoon. Critical
CVE-2020-36512 was published for buffoon (Rust) Jan 6, 2022
Use of Uninitialized Resource in bronzedb-protocol. Critical
CVE-2021-45682 was published for bronzedb-protocol (Rust) Jan 6, 2022
Use of Uninitialized Resource in binjs_io. Critical
CVE-2021-45683 was published for binjs_io (Rust) Jan 6, 2022
Use of Uninitialized Resource in csv-sniffer. Critical
CVE-2021-45686 was published for csv-sniffer (Rust) Jan 6, 2022
J3rry-1729
columnar: Read on uninitialized buffer may cause UB (ColumnarReadExt::read_typed_vec()) Critical
CVE-2021-45685 was published for columnar (Rust) Jan 6, 2022
Deserialization of Untrusted Data in rust-cpuid Critical
CVE-2021-45687 was published for raw-cpuid (Rust) Jan 6, 2022
richardfan0606
Use of Uninitialized Resource in ash. Critical
CVE-2021-45688 was published for ash (Rust) Jan 6, 2022
tdunlap607
Use of Uninitialized Resource in messagepack-rs. Critical
CVE-2021-45693 was published for messagepack-rs (Rust) Jan 6, 2022
ProTip! Advisories are also available from the GraphQL API