Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,906 advisories

Loading
Double-free in id-map Critical
CVE-2021-30457 was published for id-map (Rust) Aug 25, 2021
Double-free in id-map Critical
CVE-2021-30456 was published for id-map (Rust) Aug 25, 2021
Uninitialized memory access in outer_cgi Critical
CVE-2021-30454 was published for outer_cgi (Rust) Aug 25, 2021
Integer overflow in base64 Critical
CVE-2017-1000430 was published for base64 (Rust) Aug 25, 2021
Use-after-free in yottadb Critical
CVE-2021-27377 was published for yottadb (Rust) Aug 25, 2021
Incorrect cast in anymap Critical
CVE-2021-38187 was published for anymap (Rust) Aug 25, 2021
Incorrect buffer size calculation in iced-x86 Critical
CVE-2021-38188 was published for iced-x86 (Rust) Aug 25, 2021
Out of bounds write in nalgebra Critical
CVE-2021-38190 was published for nalgebra (Rust) Aug 25, 2021
Calculation error in ark-r1cs-std Critical
CVE-2021-38194 was published for ark-r1cs-std (Rust) Aug 25, 2021
tdunlap607
Overflow in libsecp256k1 Critical
CVE-2021-38195 was published for libsecp256k1 (Rust) Aug 25, 2021
Unaligned memory access in rand_core Critical
CVE-2020-25576 was published for rand_core (Rust) Aug 25, 2021
rillian
Memory corruption in array-tools Critical
CVE-2020-36452 was published for array-tools (Rust) Aug 25, 2021
Double free in sys-info Critical
CVE-2020-36434 was published for sys-info (Rust) Aug 25, 2021
Buffer overflow and format vulnerabilities in ncurses Critical
CVE-2019-15548 was published for ncurses (Rust) Aug 25, 2021
Use of Uninitialized Resource in libp2p-deflate Critical
CVE-2020-36443 was published for libp2p-deflate (Rust) Aug 25, 2021
Use of Uninitialized Resource in alg_ds Critical
CVE-2020-36432 was published for alg_ds (Rust) Aug 25, 2021
crossbeam-deque Data Race before v0.7.4 and v0.8.1 Critical
CVE-2021-32810 was published for crossbeam-deque (Rust) Aug 25, 2021
kmaork
Process crashes when the cell used as DepGroup is not alive Critical
GHSA-45p7-c959-rgcm was published for ckb (Rust) Aug 25, 2021
TimelockController vulnerability in OpenZeppelin Contracts Critical
CVE-2021-39167 was published for @openzeppelin/contracts (npm) Aug 30, 2021
TimelockController vulnerability in OpenZeppelin Contracts Critical
CVE-2021-39168 was published for @openzeppelin/contracts-upgradeable (npm) Aug 30, 2021
remote code execution via git repo provider Critical
CVE-2021-39159 was published for binderhub (pip) Aug 30, 2021
dreyercito rccern
Dolibarr Cross-site Scripting vulnerability Critical
CVE-2021-25955 was published for dolibarr/dolibarr (Composer) Aug 30, 2021
Improper Restriction of XML External Entity Reference in Quokka Critical
CVE-2020-18703 was published for quokka (pip) Aug 30, 2021
Unrestricted Upload of File with Dangerous Type in django-widgy Critical
CVE-2020-18704 was published for django-widgy (pip) Aug 30, 2021
Improper Restriction of XML External Entity Reference in Quokka Critical
CVE-2020-18705 was published for quokka (pip) Aug 30, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database