GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
782 advisories
Filter by severity
Data race in ruspiro-singleton
High
CVE-2020-36435
was published
for
ruspiro-singleton
(Rust)
Aug 25, 2021
Data Loss/Denial of Service in SWHKD
High
CVE-2022-27816
was published
for
Simple-Wayland-HotKey-Daemon
(Rust)
Mar 31, 2022
Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon
Moderate
CVE-2022-27817
was published
for
Simple-Wayland-HotKey-Daemon
(Rust)
Apr 15, 2022
Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon
Low
CVE-2022-27814
was published
for
Simple-Wayland-HotKey-Daemon
(Rust)
Apr 15, 2022
Incorrect Calculation in solana_rbpf
Critical
CVE-2022-23066
was published
for
solana_rbpf
(Rust)
May 10, 2022
Loading a bgzip block can write out of bounds if size overflows.
Critical
CVE-2021-28027
was published
for
bam
(Rust)
May 24, 2022
Dangling reference in `access::Map` with Constant
High
CVE-2020-35711
was published
for
arc-swap
(Rust)
May 24, 2022
Fix a use-after-free bug in diesels Sqlite backend
Critical
CVE-2021-28305
was published
for
diesel
(Rust)
May 24, 2022
Async-h1 request smuggling possible with long unread bodies
Moderate
CVE-2020-36202
was published
for
async-h1
(Rust)
May 24, 2022
Insecure Temporary File in SWHKD
Critical
CVE-2022-27815
was published
for
Simple-Wayland-HotKey-Daemon
(Rust)
Mar 31, 2022
Wasmtime vulnerable to Use After Free with `externref`s
Moderate
CVE-2022-31146
was published
for
cranelift-codegen
(Rust)
Jul 20, 2022
Cranelift vulnerable to miscompilation of constant values in division on AArch64
Moderate
CVE-2022-31169
was published
for
cranelift-codegen
(Rust)
Jul 21, 2022
Integer overflow in solana_rbpf
High
CVE-2022-31264
was published
for
solana_rbpf
(Rust)
May 22, 2022
Weight not properly refunded after EVM execution
Moderate
CVE-2022-39242
was published
for
frontier
(Rust)
Sep 23, 2022
Apache Avro Rust SDK's Reader could consume memory beyond allowed constraints
High
CVE-2022-36124
was published
for
apache-avro
(Rust)
Aug 10, 2022
Uncontrolled Resource Consumption in opcua
High
CVE-2022-25888
was published
for
opcua
(Rust)
Aug 24, 2022
Duplicate of GHSA-m77f-652q-wwp4
High
GHSA-2gg5-7c4v-6xx2
was published
for
axum-core
(Rust)
Sep 15, 2022
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API