Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,782
NuGet
683
pip
3,460
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

12 advisories

Loading
Data races in try-mutex Moderate
CVE-2020-35924 was published for try-mutex (Rust) Aug 25, 2021
Data races in reffers Moderate
CVE-2020-36203 was published for reffers (Rust) Aug 25, 2021
Data race in may_queue Moderate
CVE-2020-36217 was published for may_queue (Rust) Aug 25, 2021
Data race in eventio Moderate
CVE-2020-36216 was published for eventio (Rust) Aug 25, 2021
Data race in va-ts Moderate
CVE-2020-36220 was published for va-ts (Rust) Aug 25, 2021
Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime Moderate
CVE-2021-39218 was published for wasmtime (pip) Sep 20, 2021
cfallin fitzgen
Out-of-bounds Write in nix Moderate
CVE-2021-45707 was published for nix (Rust) Jan 6, 2022
Polyhistorian
Wasmtime out of bounds read/write with zero-memory-pages configuration Moderate
CVE-2022-39392 was published for wasmtime (Rust) Nov 10, 2022
alexcrichton
`serde` deserialization for `FamStructWrapper` lacks bound checks that could potentially lead to out-of-bounds memory access Moderate
CVE-2023-50711 was published for vmm-sys-util (Rust) Jan 2, 2024
bchalios
Memory over-allocation in evm crate Moderate
CVE-2021-29511 was published for evm (Rust) Jan 30, 2024
Miniscript allows stack consumption Moderate
CVE-2024-44073 was published for miniscript (Rust) Aug 19, 2024
apoelstra
grcov has an out of bounds write triggered by crafted coverage data Moderate
GHSA-qm2p-4w45-v2vr was published for grcov (Rust) Feb 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database