GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
352 advisories
Filter by severity
crossbeam-channel Undefined Behavior before v0.4.4
High
CVE-2020-15254
was published
for
crossbeam-channel
(Rust)
Aug 25, 2021
Data races in ticketed_lock
High
GHSA-gq4h-f254-7cw9
was published
for
ticketed_lock
(Rust)
Aug 25, 2021
Data races in tiny_future
High
GHSA-m296-j53x-xv95
was published
for
tiny_future
(Rust)
Aug 25, 2021
Slock<T> allows sending non-Send types across thread boundaries
High
GHSA-83r8-p8v6-6gfm
was published
for
slock
(Rust)
Aug 25, 2021
SyncChannel<T> can move 'T: !Send' to other threads
High
GHSA-8892-84wf-cg8f
was published
for
signal-simple
(Rust)
Aug 25, 2021
Mishandling of format strings in ncurses
High
CVE-2019-15547
was published
for
ncurses
(Rust)
Aug 25, 2021
Format string vulnerabilities in pancurses
High
CVE-2019-15546
was published
for
pancurses
(Rust)
Aug 25, 2021
Uninitialized memory use in generator
High
CVE-2019-16144
was published
for
generator
(Rust)
Aug 25, 2021
Links in archive can create arbitrary directories
High
CVE-2021-38511
was published
for
tar
(Rust)
Aug 25, 2021
HTTP Request Smuggling in actix-http
High
CVE-2021-38512
was published
for
actix-http
(Rust)
Aug 25, 2021
Data race in ruspiro-singleton
High
CVE-2020-36435
was published
for
ruspiro-singleton
(Rust)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API