GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+
50 advisories
Filter by severity
Use after free in string-interner
High
CVE-2019-16882
was published
for
string-interner
(Rust)
Aug 25, 2021
Use after free in portaudio-rs
Critical
CVE-2019-16881
was published
for
portaudio-rs
(Rust)
Aug 25, 2021
Use after free and double free in bitvec
Critical
CVE-2020-35862
was published
for
bitvec
(Rust)
Aug 25, 2021
Use after free in actix-service
Moderate
CVE-2020-35899
was published
for
actix-service
(Rust)
Aug 25, 2021
Use after free in actix-utils
Critical
CVE-2020-35898
was published
for
actix-utils
(Rust)
Aug 25, 2021
Use-after-free in actix-codec
Critical
CVE-2020-35902
was published
for
actix-codec
(Rust)
Aug 25, 2021
Use after free in nano_arena
Critical
CVE-2021-28032
was published
for
nano_arena
(Rust)
Aug 25, 2021
Use after free in generic-array
High
CVE-2020-36465
was published
for
generic-array
(Rust)
Aug 25, 2021
Use after free in libpulse-binding
High
GHSA-ghpq-vjxw-ch5w
was published
for
libpulse-binding
(Rust)
Aug 25, 2021
use-after-free vulnerability in Rust array-queue
Moderate
CVE-2020-35900
was published
for
array-queue
(Rust)
Aug 25, 2021
Use after free in libpulse-binding
Moderate
CVE-2018-25001
was published
for
libpulse-binding
(Rust)
Aug 30, 2021
Memory Safety Issue when using patch or merge on state and assign the result back to state
Moderate
CVE-2021-39228
was published
for
tremor-script
(Rust)
Sep 20, 2021
ProTip!
Advisories are also available from the
GraphQL API