Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

155 advisories

Loading
Use of Uninitialized Resource in ash. Critical
CVE-2021-45688 was published for ash (Rust) Jan 6, 2022
tdunlap607
Use of Uninitialized Resource in messagepack-rs. Critical
CVE-2021-45693 was published for messagepack-rs (Rust) Jan 6, 2022
Use of Uninitialized Resource in messagepack-rs Critical
CVE-2021-45691 was published for messagepack-rs (Rust) Jan 6, 2022
Use of Uninitialized Resource in messagepack-rs. Critical
CVE-2021-45692 was published for messagepack-rs (Rust) Jan 6, 2022
Use of Uninitialized Resource in gfx-auxil Critical
CVE-2021-45689 was published for gfx-auxil (Rust) Jan 6, 2022
Use of Uninitialized Resource in messagepack-rs. Critical
CVE-2021-45690 was published for messagepack-rs (Rust) Jan 6, 2022
Incorrect reliance on Trait memory layout in mopa Critical
CVE-2021-45695 was published for mopa (Rust) Jan 6, 2022
RPC call failure in ckb Critical
CVE-2021-45698 was published for ckb (Rust) Jan 6, 2022
The `total_size` function for partial read the length of any `FixVec` is incorrect in molecule. Critical
CVE-2021-45697 was published for molecule (Rust) Jan 6, 2022
Incorrect hash in sha2 Critical
CVE-2021-45696 was published for sha2 (Rust) Jan 6, 2022
Use After Free in tremor-script Critical
CVE-2021-45701 was published for tremor-script (Rust) Jan 6, 2022
Use of Uninitialized Resource in tectonic_xdv Critical
CVE-2021-45703 was published for tectonic_xdv (Rust) Jan 6, 2022
Pointer dereference in nanorand Critical
CVE-2021-45705 was published for nanorand (Rust) Jan 6, 2022
Memory flaw in zeroize_derive Critical
CVE-2021-45706 was published for zeroize_derive (Rust) Jan 6, 2022
KamilaBorowska
Use of a Broken or Risky Cryptographic Algorithm in crypto2 Critical
CVE-2021-45709 was published for crypto2 (Rust) Jan 6, 2022
Deno's static imports inside dynamically imported modules do not adhere to permission checks Critical
CVE-2021-32619 was published for deno (Rust) Sep 23, 2021
nayeemrmn
Drop of uninitialized memory in stack_dst Critical
CVE-2021-28035 was published for stack_dst (Rust) Sep 1, 2021
Double free in stack_dst Critical
CVE-2021-28034 was published for stack_dst (Rust) Sep 1, 2021
Double free in toodee Critical
CVE-2021-28028 was published for toodee (Rust) Sep 1, 2021
Process crashes when the cell used as DepGroup is not alive Critical
GHSA-45p7-c959-rgcm was published for ckb (Rust) Aug 25, 2021
crossbeam-deque Data Race before v0.7.4 and v0.8.1 Critical
CVE-2021-32810 was published for crossbeam-deque (Rust) Aug 25, 2021
kmaork
Use of Uninitialized Resource in alg_ds Critical
CVE-2020-36432 was published for alg_ds (Rust) Aug 25, 2021
Use of Uninitialized Resource in libp2p-deflate Critical
CVE-2020-36443 was published for libp2p-deflate (Rust) Aug 25, 2021
Buffer overflow and format vulnerabilities in ncurses Critical
CVE-2019-15548 was published for ncurses (Rust) Aug 25, 2021
Double free in sys-info Critical
CVE-2020-36434 was published for sys-info (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database