Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

796 advisories

Loading
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr Critical
CVE-2020-35887 was published for arr (Rust) Aug 25, 2021
Memory safety violation in crayon High
CVE-2020-35889 was published for crayon (Rust) Aug 25, 2021
Double free in ordnung High
CVE-2020-35891 was published for ordnung (Rust) Aug 25, 2021
Out of bounds read in ordnung High
CVE-2020-35890 was published for ordnung (Rust) Aug 25, 2021
Out of bounds read in simple-slab Critical
CVE-2020-35892 was published for simple-slab (Rust) Aug 25, 2021
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr Critical
CVE-2020-35888 was published for arr (Rust) Aug 25, 2021
Off-by-one error in simple-slab High
CVE-2020-35893 was published for simple-slab (Rust) Aug 25, 2021
tdunlap607
Unaligned references in Obstack High
CVE-2020-35894 was published for obstack (Rust) Aug 25, 2021
Data races in rulinalg Critical
CVE-2020-35879 was published for rulinalg (Rust) Aug 25, 2021
Data races in rocket High
CVE-2020-35882 was published for rocket (Rust) Aug 25, 2021
Unsoundness in bigint Critical
CVE-2020-35880 was published for bigint (Rust) Aug 25, 2021
Out of bounds write in traitobject Critical
CVE-2020-35881 was published for traitobject (Rust) Aug 25, 2021
Data races in rusqlite Critical
CVE-2020-35866 was published for rusqlite (Rust) Aug 25, 2021
Data races in rusqlite Critical
CVE-2020-35867 was published for rusqlite (Rust) Aug 25, 2021
os_str_bytes relies on undefined behavior of `char::from_u32_unchecked` High
CVE-2020-35865 was published for os_str_bytes (Rust) Aug 25, 2021
Data races in rusqlite Critical
CVE-2020-35868 was published for rusqlite (Rust) Aug 25, 2021
Use after free in rusqlite Critical
CVE-2020-35870 was published for rusqlite (Rust) Aug 25, 2021
Out of bounds read in Ozone Critical
CVE-2020-35877 was published for ozone (Rust) Aug 25, 2021
Use after free in rusqlite Critical
CVE-2020-35873 was published for rusqlite (Rust) Aug 25, 2021
Drop of uninitialized memory in Ozone Critical
CVE-2020-35878 was published for ozone (Rust) Aug 25, 2021
Use after free and double free in bitvec Critical
CVE-2020-35862 was published for bitvec (Rust) Aug 25, 2021
Dangling reference in flatbuffers High
CVE-2020-35864 was published for flatbuffers (Rust) Aug 25, 2021
Mishandling of format strings in rusqlite Critical
CVE-2020-35869 was published for rusqlite (Rust) Aug 25, 2021
NULL Pointer Dereference in cbox Critical
CVE-2020-35860 was published for cbox (Rust) Aug 25, 2021
Out of bounds read in bumpalo High
CVE-2020-35861 was published for bumpalo (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API