Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,020 advisories

Loading
Deno's static imports inside dynamically imported modules do not adhere to permission checks Critical
CVE-2021-32619 was published for deno (Rust) Sep 23, 2021
nayeemrmn
Apache Avro Rust SDK corrupted data read can cause crash High
CVE-2022-36125 was published for apache-avro (Rust) Aug 10, 2022
Apache Avro Rust SDK vulnerable to reader looping in cycle endlessly, consuming CPU High
CVE-2022-35724 was published for apache-avro (Rust) Aug 10, 2022
Tendermint light client verification not taking into account chain ID Moderate
CVE-2022-23507 was published for tendermint-light-client (Rust) Dec 14, 2022
hu55a1n1 mzabaluev
plafer
linux-loader reading beyond EOF could lead to infinite loop Low
CVE-2022-23523 was published for linux-loader (Rust) Dec 12, 2022
likebreath
Tauri Filesystem Scope Glob Pattern is too Permissive Moderate
CVE-2022-46171 was published for tauri (Rust) Dec 22, 2022
OrIOg
Data races in noise_search Moderate
CVE-2020-36461 was published for noise_search (Rust) Aug 25, 2021
Data races in model High
CVE-2020-36460 was published for model (Rust) Aug 25, 2021
Data races in toolshed High
CVE-2020-36456 was published for toolshed (Rust) Aug 25, 2021
Out of bounds write in nalgebra Critical
CVE-2021-38190 was published for nalgebra (Rust) Aug 25, 2021
Command injection in kekbit High
CVE-2020-36449 was published for kekbit (Rust) Aug 25, 2021
Double free in alpm-rs Critical
CVE-2020-35885 was published for alpm-rs (Rust) Aug 25, 2021
Use of Uninitialized Resource in libp2p-deflate Critical
CVE-2020-36443 was published for libp2p-deflate (Rust) Aug 25, 2021
Data races in dces High
CVE-2020-36459 was published for dces (Rust) Aug 25, 2021
Memory corruption in array-tools Critical
CVE-2020-36452 was published for array-tools (Rust) Aug 25, 2021
Data races in cache High
CVE-2020-36448 was published for cache (Rust) Aug 25, 2021
Uncontrolled Resource Consumption in parse_duration High
CVE-2021-29932 was published for parse_duration (Rust) Aug 25, 2021
Data race in atomic-option Moderate
CVE-2020-36219 was published for atomic-option (Rust) Aug 25, 2021
Data races in rcu_cell High
CVE-2020-36451 was published for rcu_cell (Rust) Aug 25, 2021
Source code is downloaded over cleartext HTTP in portaudio Moderate
CVE-2016-10933 was published for portaudio (Rust) Aug 25, 2021
Uninitialized memory use in generator High
CVE-2019-16144 was published for generator (Rust) Aug 25, 2021
Format string vulnerabilities in pancurses High
CVE-2019-15546 was published for pancurses (Rust) Aug 25, 2021
Use of Uninitialized Resource in alg_ds Critical
CVE-2020-36432 was published for alg_ds (Rust) Aug 25, 2021
Data races in lexer High
CVE-2020-36458 was published for lexer (Rust) Aug 25, 2021
Incorrect cast in anymap Critical
CVE-2021-38187 was published for anymap (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database