Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

153 advisories

Loading
Sandbox bypass leading to arbitrary code execution in Deno Critical
CVE-2022-24783 was published for deno (Rust) Mar 29, 2022
DjDeveloperr andreubotella
aapoalas lucacasonato tdunlap607
Use After Free in tremor-script Critical
CVE-2021-45701 was published for tremor-script (Rust) Jan 6, 2022
Double-free in id-map Critical
CVE-2021-30455 was published for id-map (Rust) Aug 25, 2021
Use after free in rusqlite Critical
CVE-2020-35870 was published for rusqlite (Rust) Aug 25, 2021
Algorithms compute incorrect results in blake2 Critical
CVE-2019-16143 was published for blake2 (Rust) Aug 25, 2021
Use of Uninitialized Resource in gfx-auxil Critical
CVE-2021-45689 was published for gfx-auxil (Rust) Jan 6, 2022
Arbitrary return types in xcb Critical
CVE-2021-26956 was published for xcb (Rust) Aug 25, 2021
Out of bounds read in xcb Critical
CVE-2021-26957 was published for xcb (Rust) Aug 25, 2021
Double free in sys-info Critical
CVE-2020-36434 was published for sys-info (Rust) Aug 25, 2021
Use of Uninitialized Resource in tectonic_xdv Critical
CVE-2021-45703 was published for tectonic_xdv (Rust) Jan 6, 2022
Double free in toodee Critical
CVE-2021-28028 was published for toodee (Rust) Sep 1, 2021
Memory corruption in smallvec Critical
CVE-2019-15554 was published for smallvec (Rust) Aug 25, 2021
Heap overflow or corruption in safe-transmute Critical
CVE-2018-21000 was published for safe-transmute (Rust) Aug 25, 2021
tdunlap607
Double free in smallvec Critical
CVE-2018-20991 was published for smallvec (Rust) Aug 25, 2021
Double free in smallvec Critical
CVE-2019-15551 was published for smallvec (Rust) Aug 25, 2021
tdunlap607
Out of bounds write in slice-deque Critical
CVE-2019-15543 was published for slice-deque (Rust) Aug 25, 2021
Memory corruption slice-deque Critical
CVE-2018-20995 was published for slice-deque (Rust) Aug 25, 2021
Drop of uninitialized memory in stack_dst Critical
CVE-2021-28035 was published for stack_dst (Rust) Sep 1, 2021
Double free in stack_dst Critical
CVE-2021-28034 was published for stack_dst (Rust) Sep 1, 2021
Data races in rulinalg Critical
CVE-2020-35879 was published for rulinalg (Rust) Aug 25, 2021
Data races in rusqlite Critical
CVE-2020-35866 was published for rusqlite (Rust) Aug 25, 2021
Data races in rusqlite Critical
CVE-2020-35867 was published for rusqlite (Rust) Aug 25, 2021
Data races in rusqlite Critical
CVE-2020-35868 was published for rusqlite (Rust) Aug 25, 2021
Mishandling of format strings in rusqlite Critical
CVE-2020-35869 was published for rusqlite (Rust) Aug 25, 2021
move_elements can double-free objects on panic Critical
CVE-2021-28031 was published for scratchpad (Rust) May 24, 2022
ProTip! Advisories are also available from the GraphQL API