Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
Deserializing an array can free uninitialized memory in byte_struct Critical
CVE-2021-28033 was published for byte_struct (Rust) Aug 25, 2021
tdunlap607
Out of bounds read in bra Critical
CVE-2021-25905 was published for bra (Rust) Aug 25, 2021
tdunlap607
Read of uninitialized memory in cdr Critical
CVE-2021-26305 was published for cdr (Rust) Aug 25, 2021
tdunlap607
Calculation error in ark-r1cs-std Critical
CVE-2021-38194 was published for ark-r1cs-std (Rust) Aug 25, 2021
tdunlap607
webbrowser-rs allows attackers to access arbitrary files via supplying a crafted URL Critical
CVE-2022-45299 was published for webbrowser (Rust) Jan 13, 2023
tdunlap607
Use of Uninitialized Resource in ash. Critical
CVE-2021-45688 was published for ash (Rust) Jan 6, 2022
tdunlap607
Use after free in libflate Critical
CVE-2019-15552 was published for libflate (Rust) Aug 25, 2021
tdunlap607
Out of bounds write in prost Critical
CVE-2020-35858 was published for prost (Rust) Aug 25, 2021
tdunlap607
Double free in smallvec Critical
CVE-2019-15551 was published for smallvec (Rust) Aug 25, 2021
tdunlap607
Heap overflow or corruption in safe-transmute Critical
CVE-2018-21000 was published for safe-transmute (Rust) Aug 25, 2021
tdunlap607
Sandbox bypass leading to arbitrary code execution in Deno Critical
CVE-2022-24783 was published for deno (Rust) Mar 29, 2022
DjDeveloperr andreubotella
aapoalas lucacasonato tdunlap607
Buffer overflow in SmallVec::insert_many Critical
CVE-2021-25900 was published for smallvec (Rust) May 24, 2022
tdunlap607
Out-of-bounds write in stack Critical
CVE-2020-35895 was published for stack (Rust) Aug 25, 2021
tdunlap607
Use-after-free in chttp Critical
CVE-2019-16140 was published for chttp (Rust) Aug 25, 2021
tdunlap607
ProTip! Advisories are also available from the GraphQL API