Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

46 advisories

Loading
PyOpenSSL Use-After-Free vulnerability High
CVE-2018-1000807 was published for pyopenssl (pip) Oct 10, 2018
tdunlap607
Use after free in CefSharp High
CVE-2020-16017 was published for CefSharp.Common (NuGet) Nov 27, 2020
Reflected Cross-site Scripting in ACS Commons High
CVE-2021-21028 was published for com.adobe.acs:acs-aem-commons (Maven) Feb 2, 2021
GPGME Go wrapper contains Use After Free High
CVE-2020-8945 was published for github.com/proglottis/gpgme (Go) May 18, 2021
Use after free in boosted trees creation High
CVE-2021-37652 was published for tensorflow (pip) Aug 25, 2021
Use after free in string-interner High
CVE-2019-16882 was published for string-interner (Rust) Aug 25, 2021
tdunlap607
Use-after-free in actix-http High
CVE-2020-35901 was published for actix-http (Rust) Aug 25, 2021
Use after free in Rocket High
CVE-2021-29935 was published for rocket (Rust) Aug 25, 2021
tdunlap607
Use after free in heapless High
CVE-2020-36464 was published for heapless (Rust) Aug 25, 2021
Use after free in generic-array High
CVE-2020-36465 was published for generic-array (Rust) Aug 25, 2021
Use after free in libpulse-binding High
GHSA-ghpq-vjxw-ch5w was published for libpulse-binding (Rust) Aug 25, 2021
Use after free / memory leak in `CollectiveReduceV2` High
CVE-2021-41220 was published for tensorflow (pip) Nov 10, 2021
Use After Free in lucet High
CVE-2021-43790 was published for lucet-runtime (Rust) Nov 30, 2021
iximeow acfoltzer
cratelyn aturon alexcrichton aggarwaa
Use After Free in rusqlite High
CVE-2021-45719 was published for rusqlite (Rust) Jan 6, 2022
Use After Free in rusqlite High
CVE-2021-45715 was published for rusqlite (Rust) Jan 6, 2022
Use After Free in rusqlite High
CVE-2021-45717 was published for rusqlite (Rust) Jan 6, 2022
Use After Free in rusqlite High
CVE-2021-45718 was published for rusqlite (Rust) Jan 6, 2022
Use After Free in rusqlite High
CVE-2021-45714 was published for rusqlite (Rust) Jan 6, 2022
Use After Free in rusqlite High
CVE-2021-45713 was published for rusqlite (Rust) Jan 6, 2022
tdunlap607
Use After Free in rusqlite High
CVE-2021-45716 was published for rusqlite (Rust) Jan 6, 2022
Use After Free in tremor-script High
CVE-2021-45702 was published for tremor-script (Rust) Jan 6, 2022
Use After Free in libpulse-binding High
CVE-2018-25028 was published for libpulse-binding (Rust) Jan 6, 2022
Use After Free in libpulse-binding High
CVE-2018-25027 was published for libpulse-binding (Rust) Jan 6, 2022
Use After Free in lru High
CVE-2021-45720 was published for lru (Rust) Jan 7, 2022
Use after free in `DecodePng` kernel High
CVE-2022-23584 was published for tensorflow (pip) Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database