GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
339 advisories
Filter by severity
Improper verification of signature threshold in tough
High
CVE-2020-15093
was published
for
tough
(Rust)
Aug 25, 2021
Use after free in libpulse-binding
High
GHSA-ghpq-vjxw-ch5w
was published
for
libpulse-binding
(Rust)
Aug 25, 2021
Use after free in generic-array
High
CVE-2020-36465
was published
for
generic-array
(Rust)
Aug 25, 2021
Remote code execution in better-macro
High
CVE-2021-38196
was published
for
better-macro
(Rust)
Aug 25, 2021
fake-static allows converting any reference into a `'static` reference
High
GHSA-8xw8-mmqv-frqq
was published
for
fake-static
(Rust)
Aug 25, 2021
Out of bounds write in stackvector
High
CVE-2021-29939
was published
for
stackvector
(Rust)
Aug 25, 2021
Uncontrolled Resource Consumption in parse_duration
High
CVE-2021-29932
was published
for
parse_duration
(Rust)
Aug 25, 2021
Certificate check bypass in openssl-src
High
CVE-2021-3450
was published
for
openssl-src
(Rust)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API