GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
699 advisories
Filter by severity
Information disclosure in JBoss Weld
Moderate
CVE-2014-8122
was published
for
org.jboss.weld:weld-core-bom
(Maven)
Jun 10, 2020
ECDSA signature vulnerability of Minerva timing attack in jsrsasign
Moderate
GHSA-g753-jx37-7xwh
was published
for
jsrsasign
(npm)
Jun 30, 2020
Data races in model
Moderate
GHSA-8q64-wrfr-q48c
was published
for
model
(Rust)
Aug 25, 2021
•
withdrawn
Data races in unicycle
Moderate
GHSA-7mg7-m5c3-3hqj
was published
for
unicycle
(Rust)
Aug 25, 2021
•
withdrawn
Send/Sync bound needed on T for Send/Sync impl of RcuCell<T>
Moderate
GHSA-jh2g-xhqq-x4w9
was published
for
rcu_cell
(Rust)
Aug 25, 2021
•
withdrawn
Singleton lacks bounds on Send and Sync.
Moderate
GHSA-vj88-5667-w56p
was published
for
ruspiro-singleton
(Rust)
Aug 25, 2021
•
withdrawn
MvccRwLock allows data races & aliasing violations
Moderate
GHSA-mgg8-9pvp-6qcw
was published
for
noise_search
(Rust)
Aug 25, 2021
•
withdrawn
Data races in generator
Moderate
GHSA-h6gg-fvf5-qgwf
was published
for
generator
(Rust)
Aug 25, 2021
•
withdrawn
Queue<T> should have a Send bound on its Send/Sync traits
Moderate
GHSA-v42f-j8fx-99f3
was published
for
scottqueue
(Rust)
Aug 25, 2021
•
withdrawn
Multiple memory safety issues in actix-web
Moderate
GHSA-w65j-g6c7-g3m4
was published
for
actix-web
(Rust)
Aug 25, 2021
cookie-signature Timing Attack
Moderate
CVE-2016-1000236
was published
for
cookie-signature
(npm)
Jan 6, 2020
In gasket_alloc_coherent_memory of gasket_page_table.c, there is a possible memory corruption due...
Moderate
Unreviewed
CVE-2021-39735
was published
Mar 17, 2022
In eicPresentationRetrieveEntryValue of acropora/app/identity/libeic/EicPresentation.c, there is...
Moderate
Unreviewed
CVE-2021-39727
was published
Mar 17, 2022
In usb_gadget_giveback_request of core.c, there is a possible use after free out of bounds read...
Moderate
Unreviewed
CVE-2021-39792
was published
Mar 17, 2022
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition....
Moderate
Unreviewed
CVE-2021-0920
was published
Dec 16, 2021
When visiting directory listings for `chrome://` URLs as source text, some parameters were...
Moderate
Unreviewed
CVE-2022-36318
was published
Dec 22, 2022
In vow, there is a possible memory corruption due to a race condition. This could lead to local...
Moderate
Unreviewed
CVE-2022-20078
was published
Apr 12, 2022
A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE...
Moderate
Unreviewed
CVE-2022-27481
was published
Apr 13, 2022
In vow, there is a possible memory corruption due to a race condition. This could lead to local...
Moderate
Unreviewed
CVE-2022-20077
was published
Apr 12, 2022
In SUB2AF, there is a possible memory corruption due to a race condition. This could lead to...
Moderate
Unreviewed
CVE-2022-20080
was published
Apr 12, 2022
FreeBSD's crontab calculates the MD5 sum of the previous and new cronjob to determine if any...
Moderate
Unreviewed
CVE-2011-1075
was published
Apr 22, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Spring Security
Moderate
CVE-2011-2731
was published
for
org.springframework.security:spring-security-core
(Maven)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API