Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

18 advisories

Loading
Data races in convec High
CVE-2020-36445 was published for convec (Rust) Aug 25, 2021
Data races in libsbc High
CVE-2020-36440 was published for libsbc (Rust) Aug 25, 2021
Data races in beef High
CVE-2020-36442 was published for beef (Rust) Aug 25, 2021
Data races in unicycle High
CVE-2020-36436 was published for unicycle (Rust) Aug 25, 2021
Data races in async-coap High
CVE-2020-36444 was published for async-coap (Rust) Aug 25, 2021
Data race in ruspiro-singleton High
CVE-2020-36435 was published for ruspiro-singleton (Rust) Aug 25, 2021
crossbeam-channel Undefined Behavior before v0.4.4 High
CVE-2020-15254 was published for crossbeam-channel (Rust) Aug 25, 2021
Data races in parc High
CVE-2020-36454 was published for parc (Rust) Aug 25, 2021
quinn invalidly assumes the memory layout of std::net::SocketAddr High
CVE-2021-28036 was published for quinn (Rust) Aug 25, 2021
Data races in signal-simple High
CVE-2020-36446 was published for signal-simple (Rust) Aug 25, 2021
Data race in tiny_future High
CVE-2020-36438 was published for tiny_future (Rust) Aug 25, 2021
Data races in ticketed_lock High
CVE-2020-36439 was published for ticketed_lock (Rust) Aug 25, 2021
Data race in abox High
CVE-2020-36441 was published for abox (Rust) Aug 25, 2021
Data race in conqueue High
CVE-2020-36437 was published for conqueue (Rust) Aug 25, 2021
Rust-WebSocket memory allocation based on untrusted length High
CVE-2022-35922 was published for websocket (Rust) Aug 6, 2022
evanrichter
linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend` High
CVE-2022-36086 was published for linked_list_allocator (Rust) Sep 16, 2022
evanrichter
WASM3 Improper Input Validation vulnerability High
CVE-2022-39974 was published for pywasm3 (pip) Sep 21, 2022
Arrow2 allows out of bounds access in public safe API High
GHSA-wv8j-m3hx-924j was published for arrow2 (Rust) May 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database