Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+

153 advisories

Loading
SMTP command injection in lettre Critical
CVE-2021-38189 was published for lettre (Rust) Jul 12, 2021
paolobarbolini
OS command injection in ripgrep Critical
CVE-2021-3013 was published for grep-cli (Rust) Aug 5, 2021
Double free in smallvec Critical
CVE-2018-20991 was published for smallvec (Rust) Aug 25, 2021
Memory corruption slice-deque Critical
CVE-2018-20995 was published for slice-deque (Rust) Aug 25, 2021
Double free in crossbeam Critical
CVE-2018-20996 was published for crossbeam (Rust) Aug 25, 2021
Heap overflow or corruption in safe-transmute Critical
CVE-2018-21000 was published for safe-transmute (Rust) Aug 25, 2021
tdunlap607
Potential memory corruption in arrayfire Critical
CVE-2018-20998 was published for arrayfire (pip) Aug 25, 2021
westonsteimel
Use after free in openssl Critical
CVE-2018-20997 was published for openssl (Rust) Aug 25, 2021
Memory corruption in smallvec Critical
CVE-2019-15554 was published for smallvec (Rust) Aug 25, 2021
Out of bounds write in slice-deque Critical
CVE-2019-15543 was published for slice-deque (Rust) Aug 25, 2021
Double free in linea Critical
CVE-2019-16880 was published for linea (Rust) Aug 25, 2021
Algorithms compute incorrect results in blake2 Critical
CVE-2019-16143 was published for blake2 (Rust) Aug 25, 2021
Use-after-free in chttp Critical
CVE-2019-16140 was published for chttp (Rust) Aug 25, 2021
tdunlap607
Use after free in image Critical
CVE-2019-16138 was published for image (Rust) Aug 25, 2021
Out of bounds access in compact_arena Critical
CVE-2019-16139 was published for compact_arena (Rust) Aug 25, 2021
Improper Input Validation in renderdoc Critical
CVE-2019-16142 was published for renderdoc (Rust) Aug 25, 2021
Use after free in libflate Critical
CVE-2019-15552 was published for libflate (Rust) Aug 25, 2021
tdunlap607
Double free in smallvec Critical
CVE-2019-15551 was published for smallvec (Rust) Aug 25, 2021
tdunlap607
Access of Uninitialized Pointer in linked-hash-map Critical
CVE-2020-25573 was published for linked-hash-map (Rust) Aug 25, 2021
Out of bounds access in rgb Critical
CVE-2020-25016 was published for rgb (Rust) Aug 25, 2021
Use after free in portaudio-rs Critical
CVE-2019-16881 was published for portaudio-rs (Rust) Aug 25, 2021
Incorrect Comparison in sodiumoxide Critical
CVE-2019-25002 was published for sodiumoxide (Rust) Aug 25, 2021
ruuda
HTTP Request Smuggling in hyper Critical
CVE-2020-35863 was published for hyper (Rust) Aug 25, 2021
Out of bounds write in prost Critical
CVE-2020-35858 was published for prost (Rust) Aug 25, 2021
tdunlap607
Out of bounds access in lucet-runtime-internals Critical
CVE-2020-35859 was published for lucet-runtime-internals (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database