Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

154 advisories

Loading
jj vulnerable to path traversal via crafted Git repositories Critical
CVE-2024-51990 was published for jj-lib (Rust) Nov 7, 2024
joernchen yuja
Potential memory corruption in arrayfire Critical
CVE-2018-20998 was published for arrayfire (pip) Aug 25, 2021
westonsteimel
Type confusion if __private_get_type_id__ is overriden Critical
CVE-2020-25575 was published for failure (Rust) Jun 16, 2022
michaelkedar
SM2 Decryption Buffer Overflow Critical
CVE-2021-3711 was published for openssl-src (Rust) May 24, 2022
another-rex
Unable to generate the correct character set Critical
CVE-2024-36400 was published for nano-id (Rust) Jun 4, 2024
ciffelia
nano-id reduced entropy due to inadequate character set usage Critical
GHSA-2hfw-w739-p7x5 was published for nano-id (Rust) Jun 4, 2024
Spin applications with specific configuration vulnerable to potential network sandbox escape Critical
CVE-2024-32980 was published for spin-sdk (Rust) May 8, 2024
Apollo Router vulnerable to Critical Regression In Query Plan Cache Critical
CVE-2024-32971 was published for apollo-router (Rust) May 2, 2024
xuorig o0Ignition0o
peakematt IvanGoncharov Geal glasser jasonbarnett667 abernix
transpose: Buffer overflow due to integer overflow Critical
GHSA-5gmm-6m36-r7jh was published for transpose (Rust) Apr 5, 2024
Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters Critical
CVE-2024-28123 was published for wasmi (Rust) Mar 7, 2024
openssl-src contains Read Buffer Overflow in X.509 Name Constraint Critical
CVE-2022-4203 was published for openssl-src (Rust) Feb 8, 2023
Nervos CKB Transaction which calls syscall load_cell_data_hash has nondeterministic result Critical
GHSA-q73f-w3h7-7wcc was published for ckb (Rust) Feb 3, 2024
Nervos CKB P2P DoS Attacks Critical
GHSA-84x2-2qv6-qg56 was published for ckb (Rust) Feb 2, 2024
SQLpage vulnerable to public exposure of database credentials Critical
CVE-2023-42454 was published for sqlpage (Rust) Sep 21, 2023
Out of bounds access in lucet-runtime-internals Critical
CVE-2020-35859 was published for lucet-runtime-internals (Rust) Aug 25, 2021
Double free in crossbeam Critical
CVE-2018-20996 was published for crossbeam (Rust) Aug 25, 2021
Rust Failure Crate Vulnerable to Type confusion Critical
CVE-2019-25010 was published for failure (Rust) Aug 25, 2021
Use-after-free in chttp Critical
CVE-2019-16140 was published for chttp (Rust) Aug 25, 2021
tdunlap607
Out-of-bounds write in stack Critical
CVE-2020-35895 was published for stack (Rust) Aug 25, 2021
tdunlap607
Buffer overflow in SmallVec::insert_many Critical
CVE-2021-25900 was published for smallvec (Rust) May 24, 2022
tdunlap607
Incorrect Comparison in sodiumoxide Critical
CVE-2019-25002 was published for sodiumoxide (Rust) Aug 25, 2021
ruuda
X.509 Email Address 4-byte Buffer Overflow Critical
CVE-2022-3602 was published for openssl-src (Rust) Nov 1, 2022
Incorrect hash in sha2 Critical
CVE-2021-45696 was published for sha2 (Rust) Jan 6, 2022
Buffer Overflow in galois_2p8 Critical
CVE-2022-24988 was published for galois_2p8 (Rust) Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API