Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

326 advisories

Loading
Data races in async-coap High
CVE-2020-36444 was published for async-coap (Rust) Aug 25, 2021
Data race in ruspiro-singleton High
CVE-2020-36435 was published for ruspiro-singleton (Rust) Aug 25, 2021
Data Loss/Denial of Service in SWHKD High
CVE-2022-27816 was published for Simple-Wayland-HotKey-Daemon (Rust) Mar 31, 2022
Shinyzenith
Dangling reference in `access::Map` with Constant High
CVE-2020-35711 was published for arc-swap (Rust) May 24, 2022
Link Following in Deno High
CVE-2021-41641 was published for deno (Rust) Jun 13, 2022
Integer overflow in solana_rbpf High
CVE-2022-31264 was published for solana_rbpf (Rust) May 22, 2022
Apache Avro Rust SDK's Reader could consume memory beyond allowed constraints High
CVE-2022-36124 was published for apache-avro (Rust) Aug 10, 2022
Uncontrolled Resource Consumption in opcua High
CVE-2022-25888 was published for opcua (Rust) Aug 24, 2022
Duplicate of GHSA-m77f-652q-wwp4 High
GHSA-2gg5-7c4v-6xx2 was published for axum-core (Rust) Sep 15, 2022 withdrawn
NLnet Labs Routinator has Reachable Assertion vulnerability High
CVE-2022-3029 was published for routinator (Rust) Sep 14, 2022
Insufficient size checks in ws High
CVE-2020-35896 was published for ws (Rust) Aug 25, 2021
opcua Vulnerable to Out-of-bounds Write High
CVE-2022-25903 was published for opcua (Rust) Aug 25, 2022
crossbeam-utils Race Condition vulnerability High
CVE-2022-23639 was published for crossbeam-utils (Rust) Feb 16, 2022
saethlin
Apache Avro Rust SDK corrupted data read can cause crash High
CVE-2022-36125 was published for apache-avro (Rust) Aug 10, 2022
Apache Avro Rust SDK vulnerable to reader looping in cycle endlessly, consuming CPU High
CVE-2022-35724 was published for apache-avro (Rust) Aug 10, 2022
Data races in toolshed High
CVE-2020-36456 was published for toolshed (Rust) Aug 25, 2021
Command injection in kekbit High
CVE-2020-36449 was published for kekbit (Rust) Aug 25, 2021
Data races in model High
CVE-2020-36460 was published for model (Rust) Aug 25, 2021
Data races in dces High
CVE-2020-36459 was published for dces (Rust) Aug 25, 2021
Data races in cache High
CVE-2020-36448 was published for cache (Rust) Aug 25, 2021
Uncontrolled Resource Consumption in parse_duration High
CVE-2021-29932 was published for parse_duration (Rust) Aug 25, 2021
Data races in rcu_cell High
CVE-2020-36451 was published for rcu_cell (Rust) Aug 25, 2021
Uninitialized memory use in generator High
CVE-2019-16144 was published for generator (Rust) Aug 25, 2021
Data races in lexer High
CVE-2020-36458 was published for lexer (Rust) Aug 25, 2021
Format string vulnerabilities in pancurses High
CVE-2019-15546 was published for pancurses (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API