GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories, by ecosystem:
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34

Unreviewed advisories:
All unreviewed: 5,000+

153 advisories

Read of uninitialized memory in cdr
Critical: CVE-2021-26305 was published for cdr (Rust) on Aug 25, 2021

Calculation error in ark-r1cs-std
Critical: CVE-2021-38194 was published for ark-r1cs-std (Rust) on Aug 25, 2021

Deno improperly handles resizable ArrayBuffer
Critical: CVE-2023-28445 was published for Deno (Rust) on Mar 23, 2023

webbrowser-rs allows attackers to access arbitrary files via supplying a crafted URL
Critical: CVE-2022-45299 was published for webbrowser (Rust) on Jan 13, 2023

Use of Uninitialized Resource in ash.
Critical: CVE-2021-45688 was published for ash (Rust) on Jan 6, 2022

Use of Uninitialized Resource in acc_reader.
Critical: CVE-2020-36514 was published for acc_reader (Rust) on Jan 6, 2022

Out-of-bounds Write in actix-web
Critical: CVE-2018-25024 was published for actix-web (Rust) on Jan 6, 2022

Out-of-bounds Write in actix-web
Critical: CVE-2018-25025 was published for actix-web (Rust) on Jan 6, 2022

Out-of-bounds Write in actix-web
Critical: CVE-2018-25026 was published for actix-web (Rust) on Jan 6, 2022

Use of Uninitialized Resource in acc_reader.
Critical: CVE-2020-36513 was published for acc_reader (Rust) on Jan 6, 2022

Use of Uninitialized Resource in binjs_io.
Critical: CVE-2021-45683 was published for binjs_io (Rust) on Jan 6, 2022

Use after free and double free in bitvec
Critical: CVE-2020-35862 was published for bitvec (Rust) on Aug 25, 2021

Potential memory corruption in arrayfire
Critical: CVE-2018-20998 was published for arrayfire (pip) on Aug 25, 2021

Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr
Critical: CVE-2020-35887 was published for arr (Rust) on Aug 25, 2021

Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr
Critical: CVE-2020-35888 was published for arr (Rust) on Aug 25, 2021

Out of bounds access in compact_arena
Critical: CVE-2019-16139 was published for compact_arena (Rust) on Aug 25, 2021

Use of Uninitialized Resource in bronzedb-protocol.
Critical: CVE-2021-45682 was published for bronzedb-protocol (Rust) on Jan 6, 2022

columnar: Read on uninitialized buffer may cause UB (ColumnarReadExt::read_typed_vec())
Critical: CVE-2021-45685 was published for columnar (Rust) on Jan 6, 2022

Use of Uninitialized Resource in buffoon.
Critical: CVE-2020-36512 was published for buffoon (Rust) on Jan 6, 2022

Unsound casting in flatbuffers
Critical: CVE-2019-25004 was published for flatbuffers (Rust) on Aug 25, 2021

Use of Uninitialized Resource in csv-sniffer.
Critical: CVE-2021-45686 was published for csv-sniffer (Rust) on Jan 6, 2022

ProTip! Advisories are also available from the GraphQL API.