Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,810
Erlang
36
GitHub Actions
31
Go
2,396
Maven
5,000+
npm
4,030
NuGet
721
pip
3,820
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

359 advisories

Loading
Comrak AST node data is not validated (GHSL-2023-049) Moderate
CVE-2023-28631 was published for comrak (Rust) Mar 28, 2023
darakian
Data races in im Moderate
CVE-2020-36204 was published for im (Rust) Aug 25, 2021
bartschuller tdunlap607
h2 vulnerable to denial of service Moderate
CVE-2023-26964 was published for h2 (Rust) Apr 11, 2023
FirelightFlagboy seanmonstar
KisaragiEffective JohnTitor
trust-dns vulnerable to Remote Attackers causing Denial-of-Service (packet loops) with crafted DNS packets Moderate
GHSA-5fm9-h728-fwpj was published for trust-dns-server (Rust) Jun 6, 2023
`array!` macro is unsound in presence of traits that implement methods it calls internally Moderate
GHSA-83gg-pwxf-jr89 was published for array-macro (Rust) Jun 16, 2022
LunaBorowska
Non-atomic writes in cgc Moderate
CVE-2020-36468 was published for cgc (Rust) Aug 25, 2021
Data races in atom Moderate
CVE-2020-35897 was published for atom (Rust) Aug 25, 2021
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr Moderate
CVE-2020-35886 was published for arr (Rust) Aug 25, 2021
Multiple soundness issues in cgc Moderate
CVE-2020-36467 was published for cgc (Rust) Aug 25, 2021
Uninitialized memory exposure in claxon Moderate
CVE-2018-20992 was published for claxon (Rust) Aug 25, 2021
Data races in cgc Moderate
CVE-2020-36466 was published for cgc (Rust) Aug 25, 2021
Unexpected panic when decoding tokens in branca Moderate
CVE-2020-35918 was published for branca (Rust) Aug 25, 2021
tdunlap607
Incorrect buffer size in crossbeam-channel Moderate
CVE-2020-35904 was published for crossbeam-channel (Rust) Aug 25, 2021
Out of bounds read in dync Moderate
CVE-2020-35903 was published for dync (Rust) Aug 25, 2021
Memory over-allocation in evm-core Moderate
GHSA-773q-5334-5gf9 was published for evm-core (Rust) Aug 25, 2021
MutexGuard::map can cause a data race in safe code Moderate
CVE-2020-35905 was published for futures-util (Rust) May 24, 2022
futures_task::noop_waker_ref can segfault due to dereferencing a NULL pointer Moderate
CVE-2020-35907 was published for futures-task (Rust) May 24, 2022
QueryInterface should call AddRef before returning pointer Moderate
GHSA-9rg7-3j4f-cf4x was published for derive-com-impl (Rust) Jun 16, 2022
HTTPS MitM vulnerability due to lack of hostname verification Moderate
CVE-2016-10932 was published for hyper (Rust) Aug 25, 2021
tdunlap607
Headers containing newline characters can split messages in hyper Moderate
CVE-2017-18587 was published for hyper (Rust) Aug 25, 2021
Argument injection in lettre Moderate
CVE-2020-28247 was published for lettre (Rust) Aug 25, 2021
vin01
Data races in futures-intrusive Moderate
CVE-2020-35915 was published for futures-intrusive (Rust) Aug 25, 2021
Data race in eventio Moderate
CVE-2020-36216 was published for eventio (Rust) Aug 25, 2021
Data races in lock_api Moderate
CVE-2020-35912 was published for lock_api (Rust) Aug 25, 2021
Out of bounds read in lazy-init Moderate
CVE-2021-25901 was published for lazy-init (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database