GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,156
Erlang
30
GitHub Actions
19
Go
1,966
Maven
5,000+
npm
3,694
NuGet
653
pip
3,311
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+
33 advisories
Filter by severity
Potential memory corruption in arrayfire
Critical
CVE-2018-20998
was published
for
arrayfire
(pip)
Aug 25, 2021
WASM3 Improper Input Validation vulnerability
High
CVE-2022-39974
was published
for
pywasm3
(pip)
Sep 21, 2022
Use of a Broken or Risky Cryptographic Algorithm in crypto2
Critical
CVE-2021-45709
was published
for
crypto2
(Rust)
Jan 6, 2022
linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`
High
CVE-2022-36086
was published
for
linked_list_allocator
(Rust)
Sep 16, 2022
Rust-WebSocket memory allocation based on untrusted length
High
CVE-2022-35922
was published
for
websocket
(Rust)
Aug 6, 2022
Heap overflow or corruption in safe-transmute
Critical
CVE-2018-21000
was published
for
safe-transmute
(Rust)
Aug 25, 2021
Memory corruption slice-deque
Critical
CVE-2018-20995
was published
for
slice-deque
(Rust)
Aug 25, 2021
quinn invalidly assumes the memory layout of std::net::SocketAddr
High
CVE-2021-28036
was published
for
quinn
(Rust)
Aug 25, 2021
Buffer overflow and format vulnerabilities in ncurses
Critical
CVE-2019-15548
was published
for
ncurses
(Rust)
Aug 25, 2021
Drop of uninitialized memory in Ozone
Critical
CVE-2020-35878
was published
for
ozone
(Rust)
Aug 25, 2021
nb-connect invalidly assumes the memory layout of std::net::SocketAddr
Critical
CVE-2021-27376
was published
for
nb-connect
(Rust)
Aug 25, 2021
crossbeam-channel Undefined Behavior before v0.4.4
High
CVE-2020-15254
was published
for
crossbeam-channel
(Rust)
Aug 25, 2021
Deserializing an array can free uninitialized memory in byte_struct
Critical
CVE-2021-28033
was published
for
byte_struct
(Rust)
Aug 25, 2021
Wasmtime out of bounds read/write with zero-memory-pages configuration
Moderate
CVE-2022-39392
was published
for
wasmtime
(Rust)
Nov 10, 2022
Out of bounds write in nalgebra
Critical
CVE-2021-38190
was published
for
nalgebra
(Rust)
Aug 25, 2021
linux-loader reading beyond EOF could lead to infinite loop
Low
CVE-2022-23523
was published
for
linux-loader
(Rust)
Dec 12, 2022
ProTip!
Advisories are also available from the
GraphQL API