Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

882 advisories

Loading
Double free in fil-ocl High
CVE-2021-25908 was published for fil-ocl (Rust) Aug 25, 2021
Double free in through Critical
CVE-2021-29940 was published for through (Rust) Aug 25, 2021
Data races in generator Moderate
GHSA-h6gg-fvf5-qgwf was published for generator (Rust) Aug 25, 2021 withdrawn
Unaligned memory access in rand_core Critical
CVE-2020-25576 was published for rand_core (Rust) Aug 25, 2021
rillian
Assumed memory layout of std::net::SocketAddr Moderate
GHSA-p5w9-856p-8q4g was published for socket2 (Rust) Aug 25, 2021 withdrawn
MvccRwLock allows data races & aliasing violations Moderate
GHSA-mgg8-9pvp-6qcw was published for noise_search (Rust) Aug 25, 2021 withdrawn
Null pointer deference in cache High
CVE-2021-25903 was published for cache (Rust) Aug 25, 2021
Double free in insert_many High
CVE-2021-29933 was published for insert_many (Rust) Aug 25, 2021
use-after-free vulnerability in Rust array-queue Moderate
CVE-2020-35900 was published for array-queue (Rust) Aug 25, 2021
Data races in unicycle Moderate
GHSA-7mg7-m5c3-3hqj was published for unicycle (Rust) Aug 25, 2021 withdrawn
Send/Sync bound needed on T for Send/Sync impl of RcuCell<T> Moderate
GHSA-jh2g-xhqq-x4w9 was published for rcu_cell (Rust) Aug 25, 2021 withdrawn
Singleton lacks bounds on Send and Sync. Moderate
GHSA-vj88-5667-w56p was published for ruspiro-singleton (Rust) Aug 25, 2021 withdrawn
Use after free in rio Critical
CVE-2020-35876 was published for rio (Rust) Aug 25, 2021
Double free in endian_trait High
CVE-2021-29929 was published for endian_trait (Rust) Aug 25, 2021
Data races in model Moderate
GHSA-8q64-wrfr-q48c was published for model (Rust) Aug 25, 2021 withdrawn
WITHDRAWN Moderate
GHSA-8q5c-93vg-c747 was published for toolshed (Rust) Aug 25, 2021 withdrawn
Double free in algorithmica High
CVE-2021-31996 was published for algorithmica (Rust) Aug 25, 2021
rocksdb vulnerable to out-of-bounds read Moderate
GHSA-xpp3-xrff-w6rh was published for rocksdb (Rust) Aug 12, 2022
Generated code can read and write out of bounds in safe code Critical
GHSA-3jch-9qgp-4844 was published for flatbuffers (Rust) Jun 16, 2022
ckb: Large dep group requires a lot of resources to process but the cost to commit the transaction is very low. Moderate
GHSA-9mfc-chwf-7whf was published for ckb (Rust) Nov 2, 2022
ckb type_id script resume may randomly fail High
GHSA-mcmr-49x3-4jqm was published for ckb (Rust) Nov 2, 2022
ckb: Transaction header_deps validation issue (network forking) Critical
GHSA-7fw6-6mfj-g3q2 was published for ckb (Rust) Nov 2, 2022
`os_socketaddr` invalidly assumes the memory layout of std::net::SocketAddr High
GHSA-c439-chv8-8g2j was published for os_socketaddr (Rust) Sep 2, 2022
prettytable-rs: Force cast a &Vec<T> to &[T] may lead to undefined behavior Moderate
GHSA-gfgm-chr3-x6px was published for prettytable-rs (Rust) Dec 30, 2022
oqs's Post-Quantum Key Encapsulation Mechanism SIKE broken Moderate
GHSA-hrjv-pf36-jpmr was published for oqs (Rust) Aug 18, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database