GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
155 advisories
Filter by severity
lz4-sys vulnerable to memory corruption via issue in liblz4
Critical
GHSA-9q5j-jm53-v7vr
was published
for
lz4-sys
(Rust)
Sep 1, 2022
ckb: Transaction header_deps validation issue (network forking)
Critical
GHSA-7fw6-6mfj-g3q2
was published
for
ckb
(Rust)
Nov 2, 2022
Generated code can read and write out of bounds in safe code
Critical
GHSA-3jch-9qgp-4844
was published
for
flatbuffers
(Rust)
Jun 16, 2022
Unaligned memory access in rand_core
Critical
CVE-2020-25576
was published
for
rand_core
(Rust)
Aug 25, 2021
Free of uninitialized memory in adtensor
Critical
CVE-2021-29936
was published
for
adtensor
(Rust)
Aug 25, 2021
Out of bounds write in traitobject
Critical
CVE-2020-35881
was published
for
traitobject
(Rust)
Aug 25, 2021
Process crashes when the cell used as DepGroup is not alive
Critical
GHSA-45p7-c959-rgcm
was published
for
ckb
(Rust)
Aug 25, 2021
Uninitialized memory access in outer_cgi
Critical
CVE-2021-30454
was published
for
outer_cgi
(Rust)
Aug 25, 2021
Use after free in actix-utils
Critical
CVE-2020-35898
was published
for
actix-utils
(Rust)
Aug 25, 2021
traitobject is Unmaintained
Critical
GHSA-pp8r-vv2j-9j5v
was published
for
traitobject
(Rust)
Sep 16, 2022
wee_alloc is Unmaintained
Critical
GHSA-rc23-xxgq-x27g
was published
for
wee_alloc
(Rust)
Sep 16, 2022
Delegate functions are missing `Send` bound
Critical
GHSA-x4mq-m75f-mx8m
was published
for
windows
(Rust)
Jun 17, 2022
Miscomputation when performing AES encryption in rust-crypto
Critical
GHSA-jp3w-3q88-34cf
was published
for
rust-crypto
(Rust)
Jun 17, 2022
Use-after-free in actix-codec
Critical
CVE-2020-35902
was published
for
actix-codec
(Rust)
Aug 25, 2021
Out of bounds read in simple-slab
Critical
CVE-2020-35892
was published
for
simple-slab
(Rust)
Aug 25, 2021
Memory flaw in zeroize_derive
Critical
CVE-2021-45706
was published
for
zeroize_derive
(Rust)
Jan 6, 2022
ProTip!
Advisories are also available from the
GraphQL API