GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
306 advisories
Filter by severity
miow invalidly assumes the memory layout of std::net::SocketAddr
Moderate
CVE-2020-35921
was published
for
miow
(Rust)
Aug 25, 2021
mio invalidly assumes the memory layout of std::net::SocketAddr
Moderate
CVE-2020-35922
was published
for
mio
(Rust)
Aug 25, 2021
ordered_float:NotNan may contain NaN after panic in assignment operators
Moderate
CVE-2020-35923
was published
for
ordered-float
(Rust)
Aug 25, 2021
Improper random number generation in nanorand
Moderate
CVE-2020-35926
was published
for
nanorand
(Rust)
Aug 25, 2021
Data races in futures-intrusive
Moderate
CVE-2020-35915
was published
for
futures-intrusive
(Rust)
Aug 25, 2021
Mutable reference with immutable provenance in image
Moderate
CVE-2020-35916
was published
for
image
(Rust)
Aug 25, 2021
Unexpected panic when decoding tokens in branca
Moderate
CVE-2020-35918
was published
for
branca
(Rust)
Aug 25, 2021
Incorrect buffer size in crossbeam-channel
Moderate
CVE-2020-35904
was published
for
crossbeam-channel
(Rust)
Aug 25, 2021
Use after free in actix-service
Moderate
CVE-2020-35899
was published
for
actix-service
(Rust)
Aug 25, 2021
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr
Moderate
CVE-2020-35886
was published
for
arr
(Rust)
Aug 25, 2021
HTTP Request smuggling in tiny_http
Moderate
CVE-2020-35884
was published
for
tiny_http
(Rust)
Aug 25, 2021
Uninitialized memory exposure in claxon
Moderate
CVE-2018-20992
was published
for
claxon
(Rust)
Aug 25, 2021
Source code is downloaded over cleartext HTTP in portaudio
Moderate
CVE-2016-10933
was published
for
portaudio
(Rust)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API