Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

33 advisories

Loading
Uninitialized memory access in outer_cgi Critical
CVE-2021-30454 was published for outer_cgi (Rust) Aug 25, 2021
Integer overflow in base64 Critical
CVE-2017-1000430 was published for base64 (Rust) Aug 25, 2021
Data races in convec High
CVE-2020-36445 was published for convec (Rust) Aug 25, 2021
Data races in libsbc High
CVE-2020-36440 was published for libsbc (Rust) Aug 25, 2021
Data races in beef High
CVE-2020-36442 was published for beef (Rust) Aug 25, 2021
Data races in unicycle High
CVE-2020-36436 was published for unicycle (Rust) Aug 25, 2021
Data races in async-coap High
CVE-2020-36444 was published for async-coap (Rust) Aug 25, 2021
Data race in ruspiro-singleton High
CVE-2020-36435 was published for ruspiro-singleton (Rust) Aug 25, 2021
linux-loader reading beyond EOF could lead to infinite loop Low
CVE-2022-23523 was published for linux-loader (Rust) Dec 12, 2022
likebreath
Out of bounds write in nalgebra Critical
CVE-2021-38190 was published for nalgebra (Rust) Aug 25, 2021
Wasmtime out of bounds read/write with zero-memory-pages configuration Moderate
CVE-2022-39392 was published for wasmtime (Rust) Nov 10, 2022
alexcrichton
Deserializing an array can free uninitialized memory in byte_struct Critical
CVE-2021-28033 was published for byte_struct (Rust) Aug 25, 2021
tdunlap607
crossbeam-channel Undefined Behavior before v0.4.4 High
CVE-2020-15254 was published for crossbeam-channel (Rust) Aug 25, 2021
nb-connect invalidly assumes the memory layout of std::net::SocketAddr Critical
CVE-2021-27376 was published for nb-connect (Rust) Aug 25, 2021
Drop of uninitialized memory in Ozone Critical
CVE-2020-35878 was published for ozone (Rust) Aug 25, 2021
Buffer overflow and format vulnerabilities in ncurses Critical
CVE-2019-15548 was published for ncurses (Rust) Aug 25, 2021
Data races in parc High
CVE-2020-36454 was published for parc (Rust) Aug 25, 2021
Out of bounds read in Ozone Critical
CVE-2020-35877 was published for ozone (Rust) Aug 25, 2021
Out of bounds access in rgb Critical
CVE-2020-25016 was published for rgb (Rust) Aug 25, 2021
quinn invalidly assumes the memory layout of std::net::SocketAddr High
CVE-2021-28036 was published for quinn (Rust) Aug 25, 2021
Data races in signal-simple High
CVE-2020-36446 was published for signal-simple (Rust) Aug 25, 2021
Memory corruption slice-deque Critical
CVE-2018-20995 was published for slice-deque (Rust) Aug 25, 2021
Heap overflow or corruption in safe-transmute Critical
CVE-2018-21000 was published for safe-transmute (Rust) Aug 25, 2021
tdunlap607
Data race in tiny_future High
CVE-2020-36438 was published for tiny_future (Rust) Aug 25, 2021
Data races in ticketed_lock High
CVE-2020-36439 was published for ticketed_lock (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database