Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

155 advisories

Loading
Fix a use-after-free bug in diesels Sqlite backend Critical
CVE-2021-28305 was published for diesel (Rust) May 24, 2022
SM2 Decryption Buffer Overflow Critical
CVE-2021-3711 was published for openssl-src (Rust) May 24, 2022
another-rex
Type confusion if __private_get_type_id__ is overriden Critical
CVE-2020-25575 was published for failure (Rust) Jun 16, 2022
michaelkedar
Generated code can read and write out of bounds in safe code Critical
GHSA-3jch-9qgp-4844 was published for flatbuffers (Rust) Jun 16, 2022
Miscomputation when performing AES encryption in rust-crypto Critical
GHSA-jp3w-3q88-34cf was published for rust-crypto (Rust) Jun 17, 2022
Delegate functions are missing `Send` bound Critical
GHSA-x4mq-m75f-mx8m was published for windows (Rust) Jun 17, 2022
KamilaBorowska
Signature forgery in Biscuit Critical
CVE-2022-31053 was published for biscuit-auth (Go) Jun 17, 2022
avivdolev Churro
openssl-src heap memory corruption with RSA private key operation Critical
CVE-2022-2274 was published for openssl-src (Rust) Jul 2, 2022
KamilaBorowska
lz4-sys vulnerable to memory corruption via issue in liblz4 Critical
GHSA-9q5j-jm53-v7vr was published for lz4-sys (Rust) Sep 1, 2022
traitobject is Unmaintained Critical
GHSA-pp8r-vv2j-9j5v was published for traitobject (Rust) Sep 16, 2022
typemap is Unmaintained Critical
GHSA-vfv3-9w6v-23jp was published for typemap (Rust) Sep 16, 2022
wee_alloc is Unmaintained Critical
GHSA-rc23-xxgq-x27g was published for wee_alloc (Rust) Sep 16, 2022
X.509 Email Address 4-byte Buffer Overflow Critical
CVE-2022-3602 was published for openssl-src (Rust) Nov 1, 2022
ckb: Transaction header_deps validation issue (network forking) Critical
GHSA-7fw6-6mfj-g3q2 was published for ckb (Rust) Nov 2, 2022
webbrowser-rs allows attackers to access arbitrary files via supplying a crafted URL Critical
CVE-2022-45299 was published for webbrowser (Rust) Jan 13, 2023
tdunlap607
openssl-src contains Read Buffer Overflow in X.509 Name Constraint Critical
CVE-2022-4203 was published for openssl-src (Rust) Feb 8, 2023
wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64 Critical
CVE-2023-26489 was published for cranelift-codegen (Rust) Mar 9, 2023
alexcrichton
Deno improperly handles resizable ArrayBuffer Critical
CVE-2023-28445 was published for Deno (Rust) Mar 23, 2023
lucacasonato JohnTitor
nipunn1313
SQLpage vulnerable to public exposure of database credentials Critical
CVE-2023-42454 was published for sqlpage (Rust) Sep 21, 2023
Nervos CKB P2P DoS Attacks Critical
GHSA-84x2-2qv6-qg56 was published for ckb (Rust) Feb 2, 2024
Nervos CKB Transaction which calls syscall load_cell_data_hash has nondeterministic result Critical
GHSA-q73f-w3h7-7wcc was published for ckb (Rust) Feb 3, 2024
Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters Critical
CVE-2024-28123 was published for wasmi (Rust) Mar 7, 2024
transpose: Buffer overflow due to integer overflow Critical
GHSA-5gmm-6m36-r7jh was published for transpose (Rust) Apr 5, 2024
Apollo Router vulnerable to Critical Regression In Query Plan Cache Critical
CVE-2024-32971 was published for apollo-router (Rust) May 2, 2024
xuorig o0Ignition0o
peakematt IvanGoncharov Geal glasser jasonbarnett667 abernix
Spin applications with specific configuration vulnerable to potential network sandbox escape Critical
CVE-2024-32980 was published for spin-sdk (Rust) May 8, 2024
ProTip! Advisories are also available from the GraphQL API