Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

354 advisories

Loading
ordered_float:NotNan may contain NaN after panic in assignment operators Moderate
CVE-2020-35923 was published for ordered-float (Rust) Aug 25, 2021
saethlin tdunlap607
Data races in try-mutex Moderate
CVE-2020-35924 was published for try-mutex (Rust) Aug 25, 2021
Data races in thex Moderate
CVE-2020-35927 was published for thex (Rust) Aug 25, 2021
Improper random number generation in nanorand Moderate
CVE-2020-35926 was published for nanorand (Rust) Aug 25, 2021
Data races in concread Moderate
CVE-2020-35928 was published for concread (Rust) Aug 25, 2021
Data races in magnetic Moderate
CVE-2020-35925 was published for magnetic (Rust) Aug 25, 2021
Data races in lock_api Moderate
CVE-2020-35913 was published for lock_api (Rust) Aug 25, 2021
Data races in lock_api Moderate
CVE-2020-35912 was published for lock_api (Rust) Aug 25, 2021
Data races in futures-intrusive Moderate
CVE-2020-35915 was published for futures-intrusive (Rust) Aug 25, 2021
Data races in lock_api Moderate
CVE-2020-35911 was published for lock_api (Rust) Aug 25, 2021
Mutable reference with immutable provenance in image Moderate
CVE-2020-35916 was published for image (Rust) Aug 25, 2021
tdunlap607
Reference counting error in pyo3 Moderate
CVE-2020-35917 was published for pyo3 (Rust) Aug 25, 2021
tdunlap607
Unexpected panic when decoding tokens in branca Moderate
CVE-2020-35918 was published for branca (Rust) Aug 25, 2021
tdunlap607
Out of bounds read in dync Moderate
CVE-2020-35903 was published for dync (Rust) Aug 25, 2021
Incorrect buffer size in crossbeam-channel Moderate
CVE-2020-35904 was published for crossbeam-channel (Rust) Aug 25, 2021
Data races in lock_api Moderate
CVE-2020-35914 was published for lock_api (Rust) Aug 25, 2021
Data races in lock_api Moderate
CVE-2020-35910 was published for lock_api (Rust) Aug 25, 2021
AnonySE26
Data races in atom Moderate
CVE-2020-35897 was published for atom (Rust) Aug 25, 2021
Use after free in actix-service Moderate
CVE-2020-35899 was published for actix-service (Rust) Aug 25, 2021
AnonySE26
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr Moderate
CVE-2020-35886 was published for arr (Rust) Aug 25, 2021
HTTP Request smuggling in tiny_http Moderate
CVE-2020-35884 was published for tiny_http (Rust) Aug 25, 2021
Uninitialized memory exposure in claxon Moderate
CVE-2018-20992 was published for claxon (Rust) Aug 25, 2021
Source code is downloaded over cleartext HTTP in portaudio Moderate
CVE-2016-10933 was published for portaudio (Rust) Aug 25, 2021
HTTPS MitM vulnerability due to lack of hostname verification Moderate
CVE-2016-10932 was published for hyper (Rust) Aug 25, 2021
tdunlap607
Headers containing newline characters can split messages in hyper Moderate
CVE-2017-18587 was published for hyper (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database