GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
160 advisories
traitobject is Unmaintained
  Critical | GHSA-pp8r-vv2j-9j5v was published for traitobject (Rust) | Sep 16, 2022

lz4-sys vulnerable to memory corruption via issue in liblz4
  Critical | GHSA-9q5j-jm53-v7vr was published for lz4-sys (Rust) | Sep 1, 2022

openssl-src heap memory corruption with RSA private key operation
  Critical | CVE-2022-2274 was published for openssl-src (Rust) | Jul 2, 2022

Signature forgery in Biscuit
  Critical | CVE-2022-31053 was published for biscuit-auth (Go) | Jun 17, 2022

Delegate functions are missing `Send` bound
  Critical | GHSA-x4mq-m75f-mx8m was published for windows (Rust) | Jun 17, 2022

Miscomputation when performing AES encryption in rust-crypto
  Critical | GHSA-jp3w-3q88-34cf was published for rust-crypto (Rust) | Jun 17, 2022

Generated code can read and write out of bounds in safe code
  Critical | GHSA-3jch-9qgp-4844 was published for flatbuffers (Rust) | Jun 16, 2022

Type confusion if __private_get_type_id__ is overriden
  Critical | CVE-2020-25575 was published for failure (Rust) | Jun 16, 2022

SM2 Decryption Buffer Overflow
  Critical | CVE-2021-3711 was published for openssl-src (Rust) | May 24, 2022

Fix a use-after-free bug in diesels Sqlite backend
  Critical | CVE-2021-28305 was published for diesel (Rust) | May 24, 2022

move_elements can double-free objects on panic
  Critical | CVE-2021-28031 was published for scratchpad (Rust) | May 24, 2022

Loading a bgzip block can write out of bounds if size overflows.
  Critical | CVE-2021-28027 was published for bam (Rust) | May 24, 2022

Buffer overflow in SmallVec::insert_many
  Critical | CVE-2021-25900 was published for smallvec (Rust) | May 24, 2022

Incorrect Calculation in solana_rbpf
  Critical | CVE-2022-23066 was published for solana_rbpf (Rust) | May 10, 2022

Insecure temporary file usage in SWHKD
  Critical | CVE-2022-27818 was published for Simple-Wayland-HotKey-Daemon (Rust) | Apr 8, 2022

Insecure Temporary File in SWHKD
  Critical | CVE-2022-27815 was published for Simple-Wayland-HotKey-Daemon (Rust) | Mar 31, 2022

Sandbox bypass leading to arbitrary code execution in Deno
  Critical | CVE-2022-24783 was published for deno (Rust) | Mar 29, 2022

Buffer Overflow in galois_2p8
  Critical | CVE-2022-24988 was published for galois_2p8 (Rust) | Feb 15, 2022

Out-of-bounds Write in actix-web
  Critical | CVE-2018-25024 was published for actix-web (Rust) | Jan 6, 2022

Out-of-bounds Write in actix-web
  Critical | CVE-2018-25026 was published for actix-web (Rust) | Jan 6, 2022

Out-of-bounds Write in actix-web
  Critical | CVE-2018-25025 was published for actix-web (Rust) | Jan 6, 2022

Use of Uninitialized Resource in flumedb.
  Critical | CVE-2021-45684 was published for flumedb (Rust) | Jan 6, 2022

Use of Uninitialized Resource in acc_reader.
  Critical | CVE-2020-36513 was published for acc_reader (Rust) | Jan 6, 2022

Use of Uninitialized Resource in acc_reader.
  Critical | CVE-2020-36514 was published for acc_reader (Rust) | Jan 6, 2022

Use of Uninitialized Resource in buffoon.
  Critical | CVE-2020-36512 was published for buffoon (Rust) | Jan 6, 2022

ProTip! Advisories are also available from the GraphQL API.