GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
339 advisories
Filter by severity
Array size is not checked in sized-chunks
High
CVE-2020-25792
was published
for
sized-chunks
(Rust)
Aug 25, 2021
Stack consumption in trust-dns-server
High
CVE-2020-35857
was published
for
trust-dns-server
(Rust)
Aug 25, 2021
Incorrect implementation in streebog
High
CVE-2019-25007
was published
for
streebog
(Rust)
Aug 25, 2021
libsecp256k1 contains side-channel timing attack
High
CVE-2019-25003
was published
for
libsecp256k1
(Rust)
Aug 25, 2021
Excessive memory usage in tokio-rustls
High
CVE-2020-35875
was published
for
tokio-rustls
(Rust)
Aug 25, 2021
Dangling reference in flatbuffers
High
CVE-2020-35864
was published
for
flatbuffers
(Rust)
Aug 25, 2021
os_str_bytes relies on undefined behavior of `char::from_u32_unchecked`
High
CVE-2020-35865
was published
for
os_str_bytes
(Rust)
Aug 25, 2021
Off-by-one error in simple-slab
High
CVE-2020-35893
was published
for
simple-slab
(Rust)
Aug 25, 2021
Free of uninitialized memory in autorand
High
CVE-2020-36210
was published
for
autorand
(Rust)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API