Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,075
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

781 advisories

Loading
Out of bounds write in slice-deque Critical
CVE-2019-15543 was published for slice-deque (Rust) Aug 25, 2021
Failure to properly verify ed25519 signatures in libp2p-core High
CVE-2019-15545 was published for libp2p-core (Rust) Aug 25, 2021
Uncontrolled memory consumption in protobuf High
CVE-2019-15544 was published for protobuf (Rust) Aug 25, 2021
Uncontrolled recursion in ammonia High
CVE-2019-15542 was published for ammonia (Rust) Aug 25, 2021
Exposure of uninitialized memory in memoffset High
CVE-2019-15553 was published for memoffset (Rust) Aug 25, 2021
Memory corruption in smallvec Critical
CVE-2019-15554 was published for smallvec (Rust) Aug 25, 2021
Out of bounds read in simd-json High
CVE-2019-15550 was published for simd-json (Rust) Aug 25, 2021
Arbitrary file overwrite in tar-rs High
CVE-2018-20990 was published for tar (Rust) Aug 25, 2021
tdunlap607
Uninitialized memory exposure in claxon Moderate
CVE-2018-20992 was published for claxon (Rust) Aug 25, 2021
Integer underflow in untrusted High
CVE-2018-20989 was published for untrusted (Rust) Aug 25, 2021
Use after free in openssl Critical
CVE-2018-20997 was published for openssl (Rust) Aug 25, 2021
Potential memory corruption in arrayfire Critical
CVE-2018-20998 was published for arrayfire (pip) Aug 25, 2021
westonsteimel
Heap overflow or corruption in safe-transmute Critical
CVE-2018-21000 was published for safe-transmute (Rust) Aug 25, 2021
tdunlap607
Double free in crossbeam Critical
CVE-2018-20996 was published for crossbeam (Rust) Aug 25, 2021
Flaw in streaming state in orion High
CVE-2018-20999 was published for orion (Rust) Aug 25, 2021
Uncontrolled recursion in trust-dns-proto High
CVE-2018-20994 was published for trust-dns-proto (Rust) Aug 25, 2021
Uncontrolled recursion in rust-yaml High
CVE-2018-20993 was published for yaml-rust (Rust) Aug 25, 2021
Improper Certificate Validation in openssl High
CVE-2016-10931 was published for openssl (Rust) Aug 25, 2021
Source code is downloaded over cleartext HTTP in portaudio Moderate
CVE-2016-10933 was published for portaudio (Rust) Aug 25, 2021
HTTPS MitM vulnerability due to lack of hostname verification Moderate
CVE-2016-10932 was published for hyper (Rust) Aug 25, 2021
tdunlap607
Headers containing newline characters can split messages in hyper Moderate
CVE-2017-18587 was published for hyper (Rust) Aug 25, 2021
Improper Input Validation in cookie High
CVE-2017-18589 was published for cookie (Rust) Aug 25, 2021
Improper Certificate Validation in security-framework Moderate
CVE-2017-18588 was published for security-framework (Rust) Aug 25, 2021
Memory corruption slice-deque Critical
CVE-2018-20995 was published for slice-deque (Rust) Aug 25, 2021
Double free in smallvec Critical
CVE-2018-20991 was published for smallvec (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API