Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,315
Erlang
31
GitHub Actions
21
Go
2,073
Maven
5,000+
npm
3,744
NuGet
674
pip
3,433
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

308 advisories

Loading
Use-after-free when setting the locale Moderate
GHSA-c8v3-jhv9-4ppc was published for rust-i18n-support (Rust) Jan 23, 2024
Unsound sending of non-Send types across threads in threadalone Moderate
GHSA-w59h-378f-2frm was published for threadalone (Rust) Jan 23, 2024
CL-Signatures Revocation Scheme in Ursa has flaws that allow a holder to demonstrate non-revocation of a revoked credential Moderate
CVE-2024-21670 was published for anoncreds-clsignatures (Rust) Jan 16, 2024
Resource exhaustion vulnerability in h2 may lead to Denial of Service (DoS) Moderate
GHSA-8r5v-vm4m-4g25 was published for h2 (Rust) Jan 19, 2024
Uncontrolled Recursion in SurrealQL Parsing Moderate
GHSA-6r8p-hpg7-825g was published for surrealdb (Rust) Jan 18, 2024
Uncaught Exception in surrealdb Moderate
GHSA-jm4v-58r5-66hj was published for surrealdb (Rust) Jan 18, 2024
Tu0Laj1 jabis
use-after-free in tracing Moderate
GHSA-8f24-6m29-wm2r was published for tracing (Rust) Jan 17, 2024
Rust EVM erroneousle handles `record_external_operation` error return Moderate
CVE-2024-21629 was published for evm (Rust) Jan 3, 2024
unsafe-libyaml unaligned write of u64 on 32-bit and 16-bit platforms Moderate
GHSA-r24f-hg58-vfrw was published for unsafe-libyaml (Rust) Dec 21, 2023
libostree vulnerable to denial of service attack Moderate
CVE-2022-47085 was published for ostree (Rust) Jul 18, 2023
Zerocopy: Some Ref methods are unsound with some type parameters Moderate
GHSA-rjhf-4mh8-9xjq was published for zerocopy (Rust) Dec 18, 2023
Marvin Attack: potential key recovery through timing sidechannels Moderate
CVE-2023-49092 was published for rsa (Rust) Nov 28, 2023
tomato42 lukas-braune
Marvin Attack: potential key recovery through timing sidechannels Moderate
GHSA-4grx-2x9w-596c was published for rsa (Rust) Nov 28, 2023
lukas-braune
Unbounded queuing of path validation messages in cloudflare-quiche Moderate
CVE-2023-6193 was published for quiche (Rust) Dec 13, 2023
LPardue marten-seemann
tokio-boring vulnerable to resource exhaustion via memory leak Moderate
CVE-2023-6180 was published for tokio-boring (Rust) Dec 5, 2023
ehaydenr
Environment variables still accessible through /proc Moderate
GHSA-wj7f-468m-6mv8 was published for birdcage (Rust) Dec 1, 2023
`openssl` `X509StoreRef::objects` is unsound Moderate
GHSA-xphf-cx8h-7q9g was published for openssl (Rust) Nov 28, 2023
odoh-rs's Invalid Slice Split Results in Server Panic Moderate
CVE-2023-3766 was published for odoh-rs (Rust) Aug 3, 2023
00xc
AWS SDK for Rust will log AWS credentials when TRACE-level logging is enabled for request sending Moderate
CVE-2023-30610 was published for aws-sigv4 (Rust) Apr 26, 2023
stellar-strkey vulnerable to panic in SignedPayload::from_payload Moderate
CVE-2023-46135 was published for stellar-strkey (Rust) Oct 25, 2023
yeggor
NATS TLS certificate common name validation bypass Moderate
GHSA-wvc4-j7g5-4f79 was published for nats (Rust) Mar 27, 2023
Tauri Open Redirect Vulnerability Possibly Exposes IPC to External Sites Moderate
CVE-2023-31134 was published for tauri (Rust) May 3, 2023
Stored cross site scripting in Microbin Moderate
CVE-2023-27075 was published for microbin (Rust) May 4, 2023
Apollo Router Unnamed "Subscription" operation results in Denial-of-Service Moderate
CVE-2023-41317 was published for apollo-router (Rust) Sep 7, 2023
nmoutschen abernix
o0Ignition0o BrynCooke peakematt jasonbarnett667 Geal
Tauri vulnerable to Regression on Filesystem Scope Checks for Dotfiles Moderate
CVE-2023-34460 was published for tauri (Rust) Jun 21, 2023
tillmann-crabnebula chip-crabnebula
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database