Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

153 advisories

Loading
Use after free in portaudio-rs Critical
CVE-2019-16881 was published for portaudio-rs (Rust) Aug 25, 2021
Out of bounds write in prost Critical
CVE-2020-35858 was published for prost (Rust) Aug 25, 2021
tdunlap607
Incorrect check on buffer length in rand_core Critical
CVE-2021-27378 was published for rand_core (Rust) Aug 25, 2021
rillian
Improper Input Validation in renderdoc Critical
CVE-2019-16142 was published for renderdoc (Rust) Aug 25, 2021
Out of bounds access in rgb Critical
CVE-2020-25016 was published for rgb (Rust) Aug 25, 2021
Deserialization of Untrusted Data in rust-cpuid Critical
CVE-2021-45687 was published for raw-cpuid (Rust) Jan 6, 2022
richardfan0606
Improper type usage in rusqlite Critical
CVE-2020-35872 was published for rusqlite (Rust) Aug 25, 2021
Use after free in rusqlite Critical
CVE-2020-35873 was published for rusqlite (Rust) Aug 25, 2021
Out of bounds read in Ozone Critical
CVE-2020-35877 was published for ozone (Rust) Aug 25, 2021
Use after free in nano_arena Critical
CVE-2021-28032 was published for nano_arena (Rust) Aug 25, 2021
Buffer overflow and format vulnerabilities in ncurses Critical
CVE-2019-15548 was published for ncurses (Rust) Aug 25, 2021
Use after free in openssl Critical
CVE-2018-20997 was published for openssl (Rust) Aug 25, 2021
openssl-src heap memory corruption with RSA private key operation Critical
CVE-2022-2274 was published for openssl-src (Rust) Jul 2, 2022
KamilaBorowska
Drop of uninitialized memory in Ozone Critical
CVE-2020-35878 was published for ozone (Rust) Aug 25, 2021
Use of Uninitialized Resource in messagepack-rs. Critical
CVE-2021-45693 was published for messagepack-rs (Rust) Jan 6, 2022
Use of Uninitialized Resource in messagepack-rs. Critical
CVE-2021-45692 was published for messagepack-rs (Rust) Jan 6, 2022
Use of Uninitialized Resource in messagepack-rs Critical
CVE-2021-45691 was published for messagepack-rs (Rust) Jan 6, 2022
Use of Uninitialized Resource in messagepack-rs. Critical
CVE-2021-45690 was published for messagepack-rs (Rust) Jan 6, 2022
Pointer dereference in nanorand Critical
CVE-2021-45705 was published for nanorand (Rust) Jan 6, 2022
Incorrect reliance on Trait memory layout in mopa Critical
CVE-2021-45695 was published for mopa (Rust) Jan 6, 2022
The `total_size` function for partial read the length of any `FixVec` is incorrect in molecule. Critical
CVE-2021-45697 was published for molecule (Rust) Jan 6, 2022
nb-connect invalidly assumes the memory layout of std::net::SocketAddr Critical
CVE-2021-27376 was published for nb-connect (Rust) Aug 25, 2021
Double-free in id-map Critical
CVE-2021-30456 was published for id-map (Rust) Aug 25, 2021
Double-free in id-map Critical
CVE-2021-30457 was published for id-map (Rust) Aug 25, 2021
Use after free in image Critical
CVE-2019-16138 was published for image (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API