Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
2,891
Erlang
24
GitHub Actions
39
Go
2,240
Maven
2,698
npm
2,899
NuGet
500
pip
2,728
Pub
5
RubyGems
364
Rust
889
Swift
19
Unreviewed advisories
All unreviewed
5,000+

889 advisories

Loading
async-graphql / async-graphql - @DOS GraphQL Nested Fragments overflow High
GHSA-xq3c-8gqm-v648 was published for async-graphql (Rust) Jul 29, 2022
nullswan Credited to nullswan, MdotTIM, and c0mp1eks MdotTIM MdotTIM
c0mp1eks c0mp1eks
matrix-sdk 0.6.0 logs access tokens Moderate
GHSA-fc4h-xcf3-qj5f was published for matrix-sdk (Rust) Oct 25, 2022
oqs's Post-Quantum Key Encapsulation Mechanism SIKE broken Moderate
GHSA-hrjv-pf36-jpmr was published for oqs (Rust) Aug 18, 2022
oqs's Post-Quantum Signature scheme Rainbow level I parametersets broken High
GHSA-h864-m8vm-3xvj was published for oqs (Rust) Aug 18, 2022
ckb: Transaction header_deps validation issue (network forking) Critical
GHSA-7fw6-6mfj-g3q2 was published for ckb (Rust) Nov 2, 2022
ckb: Large dep group requires a lot of resources to process but the cost to commit the transaction is very low. Moderate
GHSA-9mfc-chwf-7whf was published for ckb (Rust) Nov 2, 2022
ckb type_id script resume may randomly fail High
GHSA-mcmr-49x3-4jqm was published for ckb (Rust) Nov 2, 2022
Generated code can read and write out of bounds in safe code Critical
GHSA-3jch-9qgp-4844 was published for flatbuffers (Rust) Jun 16, 2022
Double free in endian_trait High
CVE-2021-29929 was published for endian_trait (Rust) Aug 25, 2021
Use after free in rio Critical
CVE-2020-35876 was published for rio (Rust) Aug 25, 2021
Double free in insert_many High
CVE-2021-29933 was published for insert_many (Rust) Aug 25, 2021
Null pointer deference in cache High
CVE-2021-25903 was published for cache (Rust) Aug 25, 2021
Unaligned memory access in rand_core Critical
CVE-2020-25576 was published for rand_core (Rust) Aug 25, 2021
rillian Credited to rillian
Data races in generator Moderate
GHSA-h6gg-fvf5-qgwf was published for generator (Rust) Aug 25, 2021 withdrawn
Double free in through Critical
CVE-2021-29940 was published for through (Rust) Aug 25, 2021
Data race in internment Critical
CVE-2021-28037 was published for internment (Rust) Aug 25, 2021
Double free in fil-ocl High
CVE-2021-25908 was published for fil-ocl (Rust) Aug 25, 2021
Memory safety violation in crayon High
CVE-2020-35889 was published for crayon (Rust) Aug 25, 2021
Unsoundness in bigint Critical
CVE-2020-35880 was published for bigint (Rust) Aug 25, 2021
NULL Pointer Dereference in cbox Critical
CVE-2020-35860 was published for cbox (Rust) Aug 25, 2021
Free of uninitialized memory in adtensor Critical
CVE-2021-29936 was published for adtensor (Rust) Aug 25, 2021
Data race in may_queue Moderate
CVE-2020-36217 was published for may_queue (Rust) Aug 25, 2021
Data races in aovec High
CVE-2020-36207 was published for aovec (Rust) Aug 25, 2021
Data races in thex Moderate
CVE-2020-35927 was published for thex (Rust) Aug 25, 2021
Out of bounds write in traitobject Critical
CVE-2020-35881 was published for traitobject (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database