Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

306 advisories

Loading
Transaction validity oversight in pallet-ethereum Moderate
CVE-2021-39193 was published for pallet-ethereum (Rust) Sep 1, 2021
Use after free in libpulse-binding Moderate
CVE-2018-25001 was published for libpulse-binding (Rust) Aug 30, 2021
Observable Discrepancy in libsecp256k1-rs Moderate
CVE-2019-20399 was published for libsecp256k1-rs (Rust) Aug 25, 2021
Partial read is incorrect in molecule Moderate
GHSA-82hm-vh7g-hrh9 was published for molecule (Rust) Aug 25, 2021
use-after-free vulnerability in Rust array-queue Moderate
CVE-2020-35900 was published for array-queue (Rust) Aug 25, 2021
scalarmult() vulnerable to degenerate public keys Moderate
CVE-2017-1000168 was published for sodiumoxide (Rust) Aug 25, 2021
Data races in unicycle Moderate
GHSA-7mg7-m5c3-3hqj was published for unicycle (Rust) Aug 25, 2021 withdrawn
WITHDRAWN Moderate
GHSA-8q5c-93vg-c747 was published for toolshed (Rust) Aug 25, 2021 withdrawn
smallvec creates uninitialized value of any type Moderate
GHSA-66p5-j55p-32r9 was published for smallvec (Rust) Aug 25, 2021
Assumed memory layout of std::net::SocketAddr Moderate
GHSA-p5w9-856p-8q4g was published for socket2 (Rust) Aug 25, 2021 withdrawn
Uncontrolled recursion leads to abort in deserialization Moderate
GHSA-39vw-qp34-rmwf was published for serde_yaml (Rust) Aug 25, 2021
Queue<T> should have a Send bound on its Send/Sync traits Moderate
GHSA-v42f-j8fx-99f3 was published for scottqueue (Rust) Aug 25, 2021 withdrawn
Singleton lacks bounds on Send and Sync. Moderate
GHSA-vj88-5667-w56p was published for ruspiro-singleton (Rust) Aug 25, 2021 withdrawn
Unchecked vector pre-allocation Moderate
GHSA-mcrf-7hf9-f6q5 was published for rmpv (Rust) Aug 25, 2021
Send/Sync bound needed on T for Send/Sync impl of RcuCell<T> Moderate
GHSA-jh2g-xhqq-x4w9 was published for rcu_cell (Rust) Aug 25, 2021 withdrawn
Compiler optimisation leads to SEGFAULT Moderate
GHSA-r6ff-2q3c-v3pv was published for pnet (Rust) Aug 25, 2021
MvccRwLock allows data races & aliasing violations Moderate
GHSA-mgg8-9pvp-6qcw was published for noise_search (Rust) Aug 25, 2021 withdrawn
Data races in model Moderate
GHSA-8q64-wrfr-q48c was published for model (Rust) Aug 25, 2021 withdrawn
Data races in max7301 Moderate
CVE-2020-36472 was published for max7301 (Rust) Aug 25, 2021
Uncaught Exception in libpulse-binding Moderate
GHSA-wcxc-jf6c-8rx9 was published for libpulse-binding (Rust) Aug 25, 2021
Data races in generator Moderate
CVE-2020-36471 was published for generator (Rust) Aug 25, 2021
Data races in appendix Moderate
CVE-2020-36469 was published for appendix (Rust) Aug 25, 2021
Data race in disrustor Moderate
CVE-2020-36470 was published for disrustor (Rust) Aug 25, 2021
J3rry-1729
Non-atomic writes in cgc Moderate
CVE-2020-36468 was published for cgc (Rust) Aug 25, 2021
Argument injection in lettre Moderate
CVE-2020-28247 was published for lettre (Rust) Aug 25, 2021
vin01
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database