Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,521
Maven
5,000+
npm
5,000+
NuGet
912
pip
4,768
Pub
13
RubyGems
1,036
Rust
1,229
Swift
53
Unreviewed advisories
All unreviewed
5,000+

193 advisories

Loading
Improper type usage in rusqlite Critical
CVE-2020-35872 was published for rusqlite (Rust) Aug 25, 2021
Use after free in rusqlite Critical
CVE-2020-35873 was published for rusqlite (Rust) Aug 25, 2021
Out of bounds read in Ozone Critical
CVE-2020-35877 was published for ozone (Rust) Aug 25, 2021
Use after free in nano_arena Critical
CVE-2021-28032 was published for nano_arena (Rust) Aug 25, 2021
Buffer overflow and format vulnerabilities in ncurses Critical
CVE-2019-15548 was published for ncurses (Rust) Aug 25, 2021
Use after free in openssl Critical
CVE-2018-20997 was published for openssl (Rust) Aug 25, 2021
openssl-src heap memory corruption with RSA private key operation Critical
CVE-2022-2274 was published for openssl-src (Rust) Jul 2, 2022
sugar700 Credited to sugar700
Drop of uninitialized memory in Ozone Critical
CVE-2020-35878 was published for ozone (Rust) Aug 25, 2021
Use of Uninitialized Resource in messagepack-rs. Critical
CVE-2021-45693 was published for messagepack-rs (Rust) Jan 6, 2022
Use of Uninitialized Resource in messagepack-rs. Critical
CVE-2021-45692 was published for messagepack-rs (Rust) Jan 6, 2022
Use of Uninitialized Resource in messagepack-rs Critical
CVE-2021-45691 was published for messagepack-rs (Rust) Jan 6, 2022
Use of Uninitialized Resource in messagepack-rs. Critical
CVE-2021-45690 was published for messagepack-rs (Rust) Jan 6, 2022
Pointer dereference in nanorand Critical
CVE-2021-45705 was published for nanorand (Rust) Jan 6, 2022
Incorrect reliance on Trait memory layout in mopa Critical
CVE-2021-45695 was published for mopa (Rust) Jan 6, 2022
The `total_size` function for partial read the length of any `FixVec` is incorrect in molecule. Critical
CVE-2021-45697 was published for molecule (Rust) Jan 6, 2022
nb-connect invalidly assumes the memory layout of std::net::SocketAddr Critical
CVE-2021-27376 was published for nb-connect (Rust) Aug 25, 2021
Double-free in id-map Critical
CVE-2021-30456 was published for id-map (Rust) Aug 25, 2021
Double-free in id-map Critical
CVE-2021-30457 was published for id-map (Rust) Aug 25, 2021
Use after free in image Critical
CVE-2019-16138 was published for image (Rust) Aug 25, 2021
Out of bounds read in fltk Critical
CVE-2021-28308 was published for fltk (Rust) Aug 25, 2021
Use of Uninitialized Resource in flumedb. Critical
CVE-2021-45684 was published for flumedb (Rust) Jan 6, 2022
J3rry-1729 Credited to J3rry-1729
Double free in linea Critical
CVE-2019-16880 was published for linea (Rust) Aug 25, 2021
Use after free in libflate Critical
CVE-2019-15552 was published for libflate (Rust) Aug 25, 2021
tdunlap607 Credited to tdunlap607
HTTP Request Smuggling in hyper Critical
CVE-2020-35863 was published for hyper (Rust) Aug 25, 2021
Use of Uninitialized Resource in csv-sniffer. Critical
CVE-2021-45686 was published for csv-sniffer (Rust) Jan 6, 2022
J3rry-1729 Credited to J3rry-1729
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database