GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
782 advisories
Comrak vulnerable to quadratic runtime issues when parsing Markdown (GHSL-2023-047)
Moderate
CVE-2023-28626
was published
for
comrak
(Rust)
Mar 28, 2023
Interactive `run` permission prompt spoofing via improper ANSI neutralization
High
CVE-2023-28446
was published
for
deno
(Rust)
Mar 24, 2023
Deno improperly handles resizable ArrayBuffer
Critical
CVE-2023-28445
was published
for
Deno
(Rust)
Mar 23, 2023
Frontier's modexp precompile is slow for even modulus
High
CVE-2023-28431
was published
for
frontier
(Rust)
Mar 21, 2023
russh may use insecure Diffie-Hellman keys
Moderate
CVE-2023-28113
was published
for
russh
(Rust)
Mar 17, 2023
wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64
Critical
CVE-2023-26489
was published
for
cranelift-codegen
(Rust)
Mar 9, 2023
wasmtime vulnerable to miscompilation of `i8x16.select` with the same inputs on x86_64
Low
CVE-2023-27477
was published
for
cranelift-codegen
(Rust)
Mar 9, 2023
openssl-src subject to Timing Oracle in RSA Decryption
Moderate
CVE-2022-4304
was published
for
openssl-src
(Rust)
Feb 8, 2023
openssl-src vulnerable to Use-after-free following `BIO_new_NDEF`
High
CVE-2023-0215
was published
for
openssl-src
(Rust)
Feb 8, 2023
ProTip!
Advisories are also available from the
GraphQL API