Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

796 advisories

Loading
Improper type usage in rusqlite Critical
CVE-2020-35872 was published for rusqlite (Rust) Aug 25, 2021
Data races in rusqlite High
CVE-2020-35871 was published for rusqlite (Rust) Aug 25, 2021
Use after free in rio Critical
CVE-2020-35876 was published for rio (Rust) Aug 25, 2021
Excessive memory usage in tokio-rustls High
CVE-2020-35875 was published for tokio-rustls (Rust) Aug 25, 2021
Use after free in internment High
CVE-2020-35874 was published for internment (Rust) Aug 25, 2021
Unsound casting in flatbuffers Critical
CVE-2019-25004 was published for flatbuffers (Rust) Aug 25, 2021
libsecp256k1 contains side-channel timing attack High
CVE-2019-25003 was published for libsecp256k1 (Rust) Aug 25, 2021
Double free in http Critical
CVE-2019-25009 was published for http (Rust) Aug 25, 2021
Incorrect implementation in streebog High
CVE-2019-25007 was published for streebog (Rust) Aug 25, 2021
Rust Failure Crate Vulnerable to Type confusion Critical
CVE-2019-25010 was published for failure (Rust) Aug 25, 2021
Out of bounds access in lucet-runtime-internals Critical
CVE-2020-35859 was published for lucet-runtime-internals (Rust) Aug 25, 2021
Stack consumption in trust-dns-server High
CVE-2020-35857 was published for trust-dns-server (Rust) Aug 25, 2021
tdunlap607
Out of bounds write in prost Critical
CVE-2020-35858 was published for prost (Rust) Aug 25, 2021
tdunlap607
HTTP Request Smuggling in hyper Critical
CVE-2020-35863 was published for hyper (Rust) Aug 25, 2021
Array size is not checked in sized-chunks High
CVE-2020-25792 was published for sized-chunks (Rust) Aug 25, 2021
tdunlap607
Unaligned references in sized-chunks High
CVE-2020-25796 was published for sized-chunks (Rust) Aug 25, 2021
Missing release of memory in sized-chunks High
CVE-2020-25794 was published for sized-chunks (Rust) Aug 25, 2021
Incorrect Comparison in sodiumoxide Critical
CVE-2019-25002 was published for sodiumoxide (Rust) Aug 25, 2021
ruuda
Out of bounds write in serde_cbor High
CVE-2019-25001 was published for serde_cbor (Rust) Aug 25, 2021
tdunlap607
Incorrect implementation of the Streebog hash functions in streebog High
CVE-2019-25006 was published for streebog (Rust) Aug 25, 2021
Counter overflow in chacha20 High
CVE-2019-25005 was published for chacha20 (Rust) Aug 25, 2021
Use after free in portaudio-rs Critical
CVE-2019-16881 was published for portaudio-rs (Rust) Aug 25, 2021
Null pointer deference in openssl-src High
CVE-2020-1967 was published for openssl-src (Rust) Aug 25, 2021
another-rex andrewpollock
Out of bounds access in rgb Critical
CVE-2020-25016 was published for rgb (Rust) Aug 25, 2021
Access of Uninitialized Pointer in linked-hash-map Critical
CVE-2020-25573 was published for linked-hash-map (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API