Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

339 advisories

Loading
Unaligned memory allocation in chunky High
CVE-2020-36433 was published for chunky (Rust) Aug 25, 2021
Data races in unicycle High
CVE-2020-36436 was published for unicycle (Rust) Aug 25, 2021
Data race in ruspiro-singleton High
CVE-2020-36435 was published for ruspiro-singleton (Rust) Aug 25, 2021
HTTP Request Smuggling in actix-http High
CVE-2021-38512 was published for actix-http (Rust) Aug 25, 2021
Links in archive can create arbitrary directories High
CVE-2021-38511 was published for tar (Rust) Aug 25, 2021
Uninitialized memory use in generator High
CVE-2019-16144 was published for generator (Rust) Aug 25, 2021
Format string vulnerabilities in pancurses High
CVE-2019-15546 was published for pancurses (Rust) Aug 25, 2021
Mishandling of format strings in ncurses High
CVE-2019-15547 was published for ncurses (Rust) Aug 25, 2021
Data race in conqueue High
CVE-2020-36437 was published for conqueue (Rust) Aug 25, 2021
Data race in tiny_future High
CVE-2020-36438 was published for tiny_future (Rust) Aug 25, 2021
Data races in ticketed_lock High
CVE-2020-36439 was published for ticketed_lock (Rust) Aug 25, 2021
Data races in libsbc High
CVE-2020-36440 was published for libsbc (Rust) Aug 25, 2021
Data race in abox High
CVE-2020-36441 was published for abox (Rust) Aug 25, 2021
Data races in beef High
CVE-2020-36442 was published for beef (Rust) Aug 25, 2021
Data races in async-coap High
CVE-2020-36444 was published for async-coap (Rust) Aug 25, 2021
Data races in signal-simple High
CVE-2020-36446 was published for signal-simple (Rust) Aug 25, 2021
Data races in convec High
CVE-2020-36445 was published for convec (Rust) Aug 25, 2021
Data races in bunch High
CVE-2020-36450 was published for bunch (Rust) Aug 25, 2021
Data races in multiqueue High
GHSA-jf43-3v8j-qwwr was published for multiqueue (Rust) Aug 25, 2021
Race condition in Parc High
GHSA-xwxc-j97j-84gf was published for parc (Rust) Aug 25, 2021
SyncChannel<T> can move 'T: !Send' to other threads High
GHSA-8892-84wf-cg8f was published for signal-simple (Rust) Aug 25, 2021
Slock<T> allows sending non-Send types across thread boundaries High
GHSA-83r8-p8v6-6gfm was published for slock (Rust) Aug 25, 2021
Data races on syncpool High
GHSA-r88h-6987-g79f was published for syncpool (Rust) Aug 25, 2021
Data races in tiny_future High
GHSA-m296-j53x-xv95 was published for tiny_future (Rust) Aug 25, 2021
Data races in ticketed_lock High
GHSA-gq4h-f254-7cw9 was published for ticketed_lock (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API