Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,613
NuGet
638
pip
3,210
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

276 advisories

Loading
Cross-site Scripting in ammonia Moderate
CVE-2021-38193 was published for ammonia (Rust) Aug 25, 2021
Race condition in tokio Moderate
CVE-2021-38191 was published for tokio (Rust) Aug 25, 2021
Cross-site Scripting in comrak Moderate
CVE-2021-38186 was published for comrak (Rust) Aug 25, 2021
tdunlap607
Data races in generator Moderate
GHSA-h6gg-fvf5-qgwf was published for generator (Rust) Aug 25, 2021 withdrawn
Memory over-allocation in evm-core Moderate
GHSA-773q-5334-5gf9 was published for evm-core (Rust) Aug 25, 2021
openssl-src NULL pointer Dereference in signature_algorithms processing Moderate
CVE-2021-3449 was published for openssl-src (Rust) Aug 25, 2021
another-rex
Error on unsupported architectures in raw-cpuid Moderate
CVE-2021-26307 was published for raw-cpuid (Rust) Aug 25, 2021
tdunlap607
Out of bounds read in lazy-init Moderate
CVE-2021-25901 was published for lazy-init (Rust) Aug 25, 2021
Integer Overflow in openssl-src Moderate
CVE-2021-23841 was published for openssl-src (Rust) Aug 25, 2021
another-rex
Cross site scripting in comrak Moderate
CVE-2021-27671 was published for comrak (Rust) Aug 25, 2021
tdunlap607
Data race in va-ts Moderate
CVE-2020-36220 was published for va-ts (Rust) Aug 25, 2021
Data races in multiqueue2 Moderate
CVE-2020-36214 was published for multiqueue2 (Rust) Aug 25, 2021
Data race in eventio Moderate
CVE-2020-36216 was published for eventio (Rust) Aug 25, 2021
Data race in may_queue Moderate
CVE-2020-36217 was published for may_queue (Rust) Aug 25, 2021
Improper synchronization in buttplug Moderate
CVE-2020-36218 was published for buttplug (Rust) Aug 25, 2021
Data race in atomic-option Moderate
CVE-2020-36219 was published for atomic-option (Rust) Aug 25, 2021
Data races in reffers Moderate
CVE-2020-36203 was published for reffers (Rust) Aug 25, 2021
Data races in im Moderate
CVE-2020-36204 was published for im (Rust) Aug 25, 2021
bartschuller tdunlap607
Memory handling issues in xcb Moderate
CVE-2020-36205 was published for xcb (Rust) Aug 25, 2021
socket2 invalidly assumes the memory layout of std::net::SocketAddr Moderate
CVE-2020-35920 was published for net2 (Rust) Aug 25, 2021
miow invalidly assumes the memory layout of std::net::SocketAddr Moderate
CVE-2020-35921 was published for miow (Rust) Aug 25, 2021
KamilaBorowska
mio invalidly assumes the memory layout of std::net::SocketAddr Moderate
CVE-2020-35922 was published for mio (Rust) Aug 25, 2021
tdunlap607
ordered_float:NotNan may contain NaN after panic in assignment operators Moderate
CVE-2020-35923 was published for ordered-float (Rust) Aug 25, 2021
saethlin tdunlap607
Data races in try-mutex Moderate
CVE-2020-35924 was published for try-mutex (Rust) Aug 25, 2021
Data races in thex Moderate
CVE-2020-35927 was published for thex (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API