Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,810
Erlang
36
GitHub Actions
31
Go
2,396
Maven
5,000+
npm
4,030
NuGet
721
pip
3,820
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

359 advisories

Loading
Async-h1 request smuggling possible with long unread bodies Moderate
CVE-2020-36202 was published for async-h1 (Rust) May 24, 2022
Reachable Assertion in rulex Moderate
CVE-2022-31100 was published for rulex (Rust) Jun 21, 2022
evanrichter
Uncontrolled Recursion in rulex Moderate
CVE-2022-31099 was published for rulex (Rust) Jun 22, 2022
evanrichter
Cap'n Proto and its Rust implementation vulnerable to out-of-bounds read due to logic error handling list-of-list Moderate
CVE-2022-46149 was published for capnp (Rust) Dec 5, 2022
coreos-installer < 0.10.0 writes world-readable Ignition config to installed system Moderate
CVE-2021-3917 was published for coreos-installer (Rust) Nov 8, 2021
xlejo
Tendermint light client verification not taking into account chain ID Moderate
CVE-2022-23507 was published for tendermint-light-client (Rust) Dec 14, 2022
hu55a1n1 mzabaluev
plafer
Tauri Filesystem Scope Glob Pattern is too Permissive Moderate
CVE-2022-46171 was published for tauri (Rust) Dec 22, 2022
OrIOg
Data races in noise_search Moderate
CVE-2020-36461 was published for noise_search (Rust) Aug 25, 2021
Data race in atomic-option Moderate
CVE-2020-36219 was published for atomic-option (Rust) Aug 25, 2021
Source code is downloaded over cleartext HTTP in portaudio Moderate
CVE-2016-10933 was published for portaudio (Rust) Aug 25, 2021
Data races in appendix Moderate
CVE-2020-36469 was published for appendix (Rust) Aug 25, 2021
kamadak-exif vulnerable to Infinite loop when parsing PNG files Moderate
CVE-2021-21235 was published for kamadak-exif (Rust) Oct 6, 2022
Incorrect is_static parameter for custom stateful precompiles in SputnikVM (evm) Moderate
CVE-2022-39354 was published for evm (Rust) Oct 25, 2022
Tokio reject_remote_clients configuration may get dropped when creating a Windows named pipe Moderate
CVE-2023-22466 was published for tokio (Rust) Jan 6, 2023
mhils
Denial of service in bingrep Moderate
CVE-2021-39480 was published for bingrep (Rust) Jan 28, 2022
Observable Discrepancy in libsecp256k1-rs Moderate
CVE-2019-20399 was published for libsecp256k1-rs (Rust) Aug 25, 2021
Cross-site Scripting in ammonia Moderate
CVE-2021-38193 was published for ammonia (Rust) Aug 25, 2021
Integer Overflow in Chunked Transfer-Encoding Moderate
CVE-2021-32714 was published for hyper (Rust) Jul 12, 2021
mattiasgrenfeldt asta12
Data races in generator Moderate
CVE-2020-36471 was published for generator (Rust) Aug 25, 2021
Data races in max7301 Moderate
CVE-2020-36472 was published for max7301 (Rust) Aug 25, 2021
Tauri's readDir Endpoint Scope can be Bypassed With Symbolic Links Moderate
CVE-2022-39215 was published for tauri (Rust) Sep 16, 2022
martin-ocasek
Leak in Aliyun KeySecret Moderate
CVE-2022-39397 was published for aliyun-oss-client (Rust) Nov 21, 2022
`pnet_packet` buffer overrun in `set_payload` setters Moderate
GHSA-cf4g-fcf8-3cr9 was published for pnet_packet (Rust) Feb 9, 2023
Memory handling issues in xcb Moderate
CVE-2020-36205 was published for xcb (Rust) Aug 25, 2021
`OCSP_basic_verify` may incorrectly verify the response signing certificate Moderate
CVE-2022-1343 was published for openssl-src (Rust) May 4, 2022
pinkforest
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database