GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
289 advisories
Integer Overflow in Chunked Transfer-Encoding
Moderate
CVE-2021-32714 was published for hyper (Rust) Jul 12, 2021

VecStorage Deserialize Allows Violation of Length Invariant
Moderate
GHSA-h3mf-4fwp-59c7 was published for nalgebra (Rust) Aug 5, 2021 • withdrawn

Multiple memory safety issues in actix-web
Moderate
GHSA-w65j-g6c7-g3m4 was published for actix-web (Rust) Aug 25, 2021

Improper Certificate Validation in security-framework
Moderate
CVE-2017-18588 was published for security-framework (Rust) Aug 25, 2021

Headers containing newline characters can split messages in hyper
Moderate
CVE-2017-18587 was published for hyper (Rust) Aug 25, 2021

HTTPS MitM vulnerability due to lack of hostname verification
Moderate
CVE-2016-10932 was published for hyper (Rust) Aug 25, 2021

Source code is downloaded over cleartext HTTP in portaudio
Moderate
CVE-2016-10933 was published for portaudio (Rust) Aug 25, 2021

Uninitialized memory exposure in claxon
Moderate
CVE-2018-20992 was published for claxon (Rust) Aug 25, 2021

HTTP Request smuggling in tiny_http
Moderate
CVE-2020-35884 was published for tiny_http (Rust) Aug 25, 2021

Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr
Moderate
CVE-2020-35886 was published for arr (Rust) Aug 25, 2021

Use after free in actix-service
Moderate
CVE-2020-35899 was published for actix-service (Rust) Aug 25, 2021

Incorrect buffer size in crossbeam-channel
Moderate
CVE-2020-35904 was published for crossbeam-channel (Rust) Aug 25, 2021

Unexpected panic when decoding tokens in branca
Moderate
CVE-2020-35918 was published for branca (Rust) Aug 25, 2021

Mutable reference with immutable provenance in image
Moderate
CVE-2020-35916 was published for image (Rust) Aug 25, 2021

Data races in futures-intrusive
Moderate
CVE-2020-35915 was published for futures-intrusive (Rust) Aug 25, 2021