Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

153 advisories

Loading
Loading a bgzip block can write out of bounds if size overflows. Critical
CVE-2021-28027 was published for bam (Rust) May 24, 2022
Incorrect Calculation in solana_rbpf Critical
CVE-2022-23066 was published for solana_rbpf (Rust) May 10, 2022
Memory flaw in zeroize_derive Critical
CVE-2021-45706 was published for zeroize_derive (Rust) Jan 6, 2022
KamilaBorowska
Access of Uninitialized Pointer in linked-hash-map Critical
CVE-2020-25573 was published for linked-hash-map (Rust) Aug 25, 2021
Use-after-free in actix-codec Critical
CVE-2020-35902 was published for actix-codec (Rust) Aug 25, 2021
Out of bounds read in simple-slab Critical
CVE-2020-35892 was published for simple-slab (Rust) Aug 25, 2021
Miscomputation when performing AES encryption in rust-crypto Critical
GHSA-jp3w-3q88-34cf was published for rust-crypto (Rust) Jun 17, 2022
Delegate functions are missing `Send` bound Critical
GHSA-x4mq-m75f-mx8m was published for windows (Rust) Jun 17, 2022
KamilaBorowska
wee_alloc is Unmaintained Critical
GHSA-rc23-xxgq-x27g was published for wee_alloc (Rust) Sep 16, 2022
typemap is Unmaintained Critical
GHSA-vfv3-9w6v-23jp was published for typemap (Rust) Sep 16, 2022
traitobject is Unmaintained Critical
GHSA-pp8r-vv2j-9j5v was published for traitobject (Rust) Sep 16, 2022
Use after free in actix-utils Critical
CVE-2020-35898 was published for actix-utils (Rust) Aug 25, 2021
Double free in http Critical
CVE-2019-25009 was published for http (Rust) Aug 25, 2021
Integer overflow in base64 Critical
CVE-2017-1000430 was published for base64 (Rust) Aug 25, 2021
Uninitialized memory access in outer_cgi Critical
CVE-2021-30454 was published for outer_cgi (Rust) Aug 25, 2021
Use-after-free in yottadb Critical
CVE-2021-27377 was published for yottadb (Rust) Aug 25, 2021
Process crashes when the cell used as DepGroup is not alive Critical
GHSA-45p7-c959-rgcm was published for ckb (Rust) Aug 25, 2021
Free of uninitialized memory in adtensor Critical
CVE-2021-29936 was published for adtensor (Rust) Aug 25, 2021
Out of bounds write in traitobject Critical
CVE-2020-35881 was published for traitobject (Rust) Aug 25, 2021
Double free in through Critical
CVE-2021-29940 was published for through (Rust) Aug 25, 2021
Unsoundness in bigint Critical
CVE-2020-35880 was published for bigint (Rust) Aug 25, 2021
NULL Pointer Dereference in cbox Critical
CVE-2020-35860 was published for cbox (Rust) Aug 25, 2021
Data race in internment Critical
CVE-2021-28037 was published for internment (Rust) Aug 25, 2021
Unaligned memory access in rand_core Critical
CVE-2020-25576 was published for rand_core (Rust) Aug 25, 2021
rillian
Use after free in rio Critical
CVE-2020-35876 was published for rio (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API