GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
292 advisories
Filter by severity
rustls network-reachable panic in `Acceptor::accept`
Moderate
GHSA-qg5g-gv98-5ffh
was published
for
rustls
(Rust)
Nov 25, 2024
SurrealDB has an Uncaught Exception Sorting Tables by Random Order
Moderate
GHSA-m52v-24p8-654f
was published
for
surrealdb
(Rust)
Nov 22, 2024
SurrealDB has an Uncaught Exception Handling Nonexistent Role
Moderate
GHSA-jc55-246c-r88f
was published
for
surrealdb
(Rust)
Nov 22, 2024
SurrealDB has an Uncaught Exception in Function Generating Random Time
Moderate
GHSA-h4f5-h82v-5w4r
was published
for
surrealdb
(Rust)
Nov 22, 2024
Wrong type for `Linker`-define functions when used across two `Engine`s
Moderate
CVE-2021-39219
was published
for
wasmtime
(pip)
Sep 20, 2021
Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime
Moderate
CVE-2021-39218
was published
for
wasmtime
(pip)
Sep 20, 2021
Use after free passing `externref`s to Wasm in Wasmtime
Moderate
CVE-2021-39216
was published
for
wasmtime
(pip)
Sep 20, 2021
wasm3 uncontrolled memory allocation vulnerability
Moderate
CVE-2024-27529
was published
for
github.com/shareup/wasm-interpreter-apple
(pip)
Nov 9, 2024
Sharks has a Bias of Polynomial Coefficients in Secret Sharing
Moderate
GHSA-jp37-5qhw-mffw
was published
for
sharks
(Rust)
Nov 18, 2024
vodozemac's usage of non-constant time base64 decoder could lead to leakage of secret key material
Moderate
CVE-2024-40640
was published
for
vodozemac
(Rust)
Jul 17, 2024
zlib-rs stack overflow during decompression with malicious input
Moderate
GHSA-j3px-q95c-9683
was published
for
libz-rs-sys
(Rust)
Nov 14, 2024
Mimalloc Can Allocate Memory with Bad Alignment
Moderate
GHSA-g23h-7vf9-xc25
was published
for
mimalloc
(Rust)
Nov 12, 2024
`simd-json-derive` vulnerable to `MaybeUninit` misuse
Moderate
GHSA-pqpw-89w5-82v5
was published
for
simd-json-derive
(Rust)
Nov 12, 2024
loona-hpack Panic Vulnerability
Moderate
CVE-2024-51502
was published
for
loona-hpack
(Rust)
Nov 4, 2024
sp1-recursion-gnark-ffi has insufficient range checks of BabyBear arithmetic
Moderate
GHSA-f77q-r5qm-w4m8
was published
for
sp1-recursion-gnark-ffi
(Rust)
Oct 29, 2024
Weight not properly refunded after EVM execution
Moderate
CVE-2022-39242
was published
for
pallet-ethereum
(Rust)
Sep 23, 2022
Validity check missing in Frontier
Moderate
CVE-2021-41138
was published
for
pallet-ethereum
(Rust)
Oct 13, 2021
Integer underflow in Frontier
Moderate
CVE-2022-21685
was published
for
pallet-evm-precompile-modexp
(Rust)
Jan 14, 2022
Incorrect parsing of EVM reversion exit reason in RPC
Moderate
CVE-2022-36008
was published
for
fc-rpc
(Rust)
Aug 18, 2022
Transaction validity oversight in pallet-ethereum
Moderate
CVE-2021-39193
was published
for
pallet-ethereum
(Rust)
Sep 1, 2021
svix vulnerable to Authentication Bypass
Moderate
CVE-2024-21491
was published
for
svix
(Rust)
Feb 13, 2024
Duplicate Advisory: PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references
Moderate
GHSA-f8x4-f32r-w556
was published
for
pyo3
(Rust)
Oct 15, 2024
•
withdrawn
PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references
Moderate
CVE-2024-9979
was published
for
pyo3
(Rust)
Oct 15, 2024
wasmtime has a runtime crash when combining tail calls with trapping imports
Moderate
CVE-2024-47763
was published
for
wasmtime
(Rust)
Oct 9, 2024
Databento Binary Encoding (DBN) has a heap buffer overflow using c_chars_to_str function
Moderate
GHSA-pfr9-2p92-qrhq
was published
for
dbn
(Rust)
Oct 9, 2024
ProTip!
Advisories are also available from the
GraphQL API