GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
155 advisories
Filter by severity
Miscomputation when performing AES encryption in rust-crypto
Critical
GHSA-jp3w-3q88-34cf
was published
for
rust-crypto
(Rust)
Jun 17, 2022
Generated code can read and write out of bounds in safe code
Critical
GHSA-3jch-9qgp-4844
was published
for
flatbuffers
(Rust)
Jun 16, 2022
Type confusion if __private_get_type_id__ is overriden
Critical
CVE-2020-25575
was published
for
failure
(Rust)
Jun 16, 2022
SM2 Decryption Buffer Overflow
Critical
CVE-2021-3711
was published
for
openssl-src
(Rust)
May 24, 2022
Fix a use-after-free bug in diesels Sqlite backend
Critical
CVE-2021-28305
was published
for
diesel
(Rust)
May 24, 2022
move_elements can double-free objects on panic
Critical
CVE-2021-28031
was published
for
scratchpad
(Rust)
May 24, 2022
Loading a bgzip block can write out of bounds if size overflows.
Critical
CVE-2021-28027
was published
for
bam
(Rust)
May 24, 2022
Buffer overflow in SmallVec::insert_many
Critical
CVE-2021-25900
was published
for
smallvec
(Rust)
May 24, 2022
Incorrect Calculation in solana_rbpf
Critical
CVE-2022-23066
was published
for
solana_rbpf
(Rust)
May 10, 2022
Insecure temporary file usage in SWHKD
Critical
CVE-2022-27818
was published
for
Simple-Wayland-HotKey-Daemon
(Rust)
Apr 8, 2022
Insecure Temporary File in SWHKD
Critical
CVE-2022-27815
was published
for
Simple-Wayland-HotKey-Daemon
(Rust)
Mar 31, 2022
Sandbox bypass leading to arbitrary code execution in Deno
Critical
CVE-2022-24783
was published
for
deno
(Rust)
Mar 29, 2022
Buffer Overflow in galois_2p8
Critical
CVE-2022-24988
was published
for
galois_2p8
(Rust)
Feb 15, 2022
Out-of-bounds Write in actix-web
Critical
CVE-2018-25024
was published
for
actix-web
(Rust)
Jan 6, 2022
Out-of-bounds Write in actix-web
Critical
CVE-2018-25026
was published
for
actix-web
(Rust)
Jan 6, 2022
Out-of-bounds Write in actix-web
Critical
CVE-2018-25025
was published
for
actix-web
(Rust)
Jan 6, 2022
Use of Uninitialized Resource in flumedb.
Critical
CVE-2021-45684
was published
for
flumedb
(Rust)
Jan 6, 2022
Use of Uninitialized Resource in acc_reader.
Critical
CVE-2020-36513
was published
for
acc_reader
(Rust)
Jan 6, 2022
Use of Uninitialized Resource in acc_reader.
Critical
CVE-2020-36514
was published
for
acc_reader
(Rust)
Jan 6, 2022
Use of Uninitialized Resource in buffoon.
Critical
CVE-2020-36512
was published
for
buffoon
(Rust)
Jan 6, 2022
Use of Uninitialized Resource in bronzedb-protocol.
Critical
CVE-2021-45682
was published
for
bronzedb-protocol
(Rust)
Jan 6, 2022
Use of Uninitialized Resource in binjs_io.
Critical
CVE-2021-45683
was published
for
binjs_io
(Rust)
Jan 6, 2022
Use of Uninitialized Resource in csv-sniffer.
Critical
CVE-2021-45686
was published
for
csv-sniffer
(Rust)
Jan 6, 2022
columnar: Read on uninitialized buffer may cause UB (ColumnarReadExt::read_typed_vec())
Critical
CVE-2021-45685
was published
for
columnar
(Rust)
Jan 6, 2022
Deserialization of Untrusted Data in rust-cpuid
Critical
CVE-2021-45687
was published
for
raw-cpuid
(Rust)
Jan 6, 2022
ProTip!
Advisories are also available from the
GraphQL API