Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,996
Maven
5,000+
npm
3,709
NuGet
661
pip
3,349
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

846 advisories

Loading
Array size is not checked in sized-chunks High
CVE-2020-25791 was published for sized-chunks (Rust) Aug 25, 2021
Array size is not checked in sized-chunks High
CVE-2020-25793 was published for sized-chunks (Rust) Aug 25, 2021
Missing release of memory in sized-chunks High
CVE-2020-25795 was published for sized-chunks (Rust) Aug 25, 2021
Double free in smallvec Critical
CVE-2019-15551 was published for smallvec (Rust) Aug 25, 2021
tdunlap607
Memory exhaustion in asn1_der High
CVE-2019-15549 was published for asn1_der (Rust) Aug 25, 2021
Use after free in libflate Critical
CVE-2019-15552 was published for libflate (Rust) Aug 25, 2021
tdunlap607
Improper Input Validation in renderdoc Critical
CVE-2019-16142 was published for renderdoc (Rust) Aug 25, 2021
Out of bounds access in compact_arena Critical
CVE-2019-16139 was published for compact_arena (Rust) Aug 25, 2021
Wrong memory orderings violates mutual exclusion in spin High
CVE-2019-16137 was published for spin (Rust) Aug 25, 2021
Use after free in image Critical
CVE-2019-16138 was published for image (Rust) Aug 25, 2021
Use-after-free in chttp Critical
CVE-2019-16140 was published for chttp (Rust) Aug 25, 2021
tdunlap607
Algorithms compute incorrect results in blake2 Critical
CVE-2019-16143 was published for blake2 (Rust) Aug 25, 2021
Improper Input Validation in once_cell High
CVE-2019-16141 was published for once_cell (Rust) Aug 25, 2021
tdunlap607
Use after free in string-interner High
CVE-2019-16882 was published for string-interner (Rust) Aug 25, 2021
tdunlap607
Double free in linea Critical
CVE-2019-16880 was published for linea (Rust) Aug 25, 2021
Out of bounds write in slice-deque Critical
CVE-2019-15543 was published for slice-deque (Rust) Aug 25, 2021
Failure to properly verify ed25519 signatures in libp2p-core High
CVE-2019-15545 was published for libp2p-core (Rust) Aug 25, 2021
Uncontrolled memory consumption in protobuf High
CVE-2019-15544 was published for protobuf (Rust) Aug 25, 2021
Uncontrolled recursion in ammonia High
CVE-2019-15542 was published for ammonia (Rust) Aug 25, 2021
Exposure of uninitialized memory in memoffset High
CVE-2019-15553 was published for memoffset (Rust) Aug 25, 2021
Memory corruption in smallvec Critical
CVE-2019-15554 was published for smallvec (Rust) Aug 25, 2021
Out of bounds read in simd-json High
CVE-2019-15550 was published for simd-json (Rust) Aug 25, 2021
Arbitrary file overwrite in tar-rs High
CVE-2018-20990 was published for tar (Rust) Aug 25, 2021
tdunlap607
Uninitialized memory exposure in claxon Moderate
CVE-2018-20992 was published for claxon (Rust) Aug 25, 2021
Integer underflow in untrusted High
CVE-2018-20989 was published for untrusted (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database