Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,984
Erlang
39
GitHub Actions
38
Go
2,626
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
954
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,054 advisories

Loading
Integer Overflow in openssl-src Moderate
CVE-2021-23841 was published for openssl-src (Rust) Aug 25, 2021
another-rex
Credited to another-rex
Integer Overflow in openssl-src High
CVE-2021-23840 was published for openssl-src (Rust) Aug 25, 2021
another-rex
Credited to another-rex
Incorrect check on buffer length in rand_core Critical
CVE-2021-27378 was published for rand_core (Rust) Aug 25, 2021
rillian
Credited to rillian
nb-connect invalidly assumes the memory layout of std::net::SocketAddr Critical
CVE-2021-27376 was published for nb-connect (Rust) Aug 25, 2021
Cross site scripting in comrak Moderate
CVE-2021-27671 was published for comrak (Rust) Aug 25, 2021
tdunlap607
Credited to tdunlap607
Data race in internment Critical
CVE-2021-28037 was published for internment (Rust) Aug 25, 2021
quinn invalidly assumes the memory layout of std::net::SocketAddr High
CVE-2021-28036 was published for quinn (Rust) Aug 25, 2021
Deserializing an array can free uninitialized memory in byte_struct Critical
CVE-2021-28033 was published for byte_struct (Rust) Aug 25, 2021
tdunlap607
Credited to tdunlap607
Use after free in nano_arena Critical
CVE-2021-28032 was published for nano_arena (Rust) Aug 25, 2021
Use of Uninitialized Resource in truetype High
CVE-2021-28030 was published for truetype (Rust) Aug 25, 2021
Data race in va-ts Moderate
CVE-2020-36220 was published for va-ts (Rust) Aug 25, 2021
Data races in multiqueue2 Moderate
CVE-2020-36214 was published for multiqueue2 (Rust) Aug 25, 2021
Data races in hashconsing High
CVE-2020-36215 was published for hashconsing (Rust) Aug 25, 2021
Data race in eventio Moderate
CVE-2020-36216 was published for eventio (Rust) Aug 25, 2021
Data race in may_queue Moderate
CVE-2020-36217 was published for may_queue (Rust) Aug 25, 2021
Improper synchronization in buttplug Moderate
CVE-2020-36218 was published for buttplug (Rust) Aug 25, 2021
Data race in atomic-option Moderate
CVE-2020-36219 was published for atomic-option (Rust) Aug 25, 2021
Data races in reffers Moderate
CVE-2020-36203 was published for reffers (Rust) Aug 25, 2021
Data races in im Moderate
CVE-2020-36204 was published for im (Rust) Aug 25, 2021
bartschuller tdunlap607
Credited to bartschuller and tdunlap607
Memory handling issues in xcb Moderate
CVE-2020-36205 was published for xcb (Rust) Aug 25, 2021
Data races in rusb High
CVE-2020-36206 was published for rusb (Rust) Aug 25, 2021
Data races in conquer-once High
CVE-2020-36208 was published for conquer-once (Rust) Aug 25, 2021
Data races in aovec High
CVE-2020-36207 was published for aovec (Rust) Aug 25, 2021
Data races in late-static High
CVE-2020-36209 was published for late-static (Rust) Aug 25, 2021
Free of uninitialized memory in autorand High
CVE-2020-36210 was published for autorand (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database