Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,814
Erlang
36
GitHub Actions
32
Go
2,399
Maven
5,000+
npm
4,040
NuGet
722
pip
3,829
Pub
12
RubyGems
932
Rust
1,002
Swift
38
Unreviewed advisories
All unreviewed
5,000+

159 advisories

Loading
Out of bounds write in slice-deque Critical
CVE-2019-15543 was published for slice-deque (Rust) Aug 25, 2021
Memory corruption slice-deque Critical
CVE-2018-20995 was published for slice-deque (Rust) Aug 25, 2021
Drop of uninitialized memory in stack_dst Critical
CVE-2021-28035 was published for stack_dst (Rust) Sep 1, 2021
Double free in stack_dst Critical
CVE-2021-28034 was published for stack_dst (Rust) Sep 1, 2021
Data races in rulinalg Critical
CVE-2020-35879 was published for rulinalg (Rust) Aug 25, 2021
Data races in rusqlite Critical
CVE-2020-35866 was published for rusqlite (Rust) Aug 25, 2021
Data races in rusqlite Critical
CVE-2020-35867 was published for rusqlite (Rust) Aug 25, 2021
Data races in rusqlite Critical
CVE-2020-35868 was published for rusqlite (Rust) Aug 25, 2021
Mishandling of format strings in rusqlite Critical
CVE-2020-35869 was published for rusqlite (Rust) Aug 25, 2021
move_elements can double-free objects on panic Critical
CVE-2021-28031 was published for scratchpad (Rust) May 24, 2022
Use after free in portaudio-rs Critical
CVE-2019-16881 was published for portaudio-rs (Rust) Aug 25, 2021
Out of bounds write in prost Critical
CVE-2020-35858 was published for prost (Rust) Aug 25, 2021
tdunlap607
Incorrect check on buffer length in rand_core Critical
CVE-2021-27378 was published for rand_core (Rust) Aug 25, 2021
rillian
Improper Input Validation in renderdoc Critical
CVE-2019-16142 was published for renderdoc (Rust) Aug 25, 2021
Out of bounds access in rgb Critical
CVE-2020-25016 was published for rgb (Rust) Aug 25, 2021
Deserialization of Untrusted Data in rust-cpuid Critical
CVE-2021-45687 was published for raw-cpuid (Rust) Jan 6, 2022
richardfan0606
Improper type usage in rusqlite Critical
CVE-2020-35872 was published for rusqlite (Rust) Aug 25, 2021
Use after free in rusqlite Critical
CVE-2020-35873 was published for rusqlite (Rust) Aug 25, 2021
Out of bounds read in Ozone Critical
CVE-2020-35877 was published for ozone (Rust) Aug 25, 2021
Use after free in nano_arena Critical
CVE-2021-28032 was published for nano_arena (Rust) Aug 25, 2021
Buffer overflow and format vulnerabilities in ncurses Critical
CVE-2019-15548 was published for ncurses (Rust) Aug 25, 2021
Use after free in openssl Critical
CVE-2018-20997 was published for openssl (Rust) Aug 25, 2021
openssl-src heap memory corruption with RSA private key operation Critical
CVE-2022-2274 was published for openssl-src (Rust) Jul 2, 2022
LunaBorowska
Drop of uninitialized memory in Ozone Critical
CVE-2020-35878 was published for ozone (Rust) Aug 25, 2021
Use of Uninitialized Resource in messagepack-rs. Critical
CVE-2021-45693 was published for messagepack-rs (Rust) Jan 6, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database