Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

58 advisories

Loading
Use after free in rio Critical
CVE-2020-35876 was published for rio (Rust) Aug 25, 2021
use-after-free vulnerability in Rust array-queue Moderate
CVE-2020-35900 was published for array-queue (Rust) Aug 25, 2021
Use after free in libpulse-binding High
GHSA-ghpq-vjxw-ch5w was published for libpulse-binding (Rust) Aug 25, 2021
Use-after-free in yottadb Critical
CVE-2021-27377 was published for yottadb (Rust) Aug 25, 2021
Use-after-free in actix-http High
CVE-2020-35901 was published for actix-http (Rust) Aug 25, 2021
iana-time-zone vulnerable to use after free in MacOS / iOS implementation Moderate
GHSA-3fg9-hcq5-vxrc was published for iana-time-zone (Rust) Aug 30, 2022
Fix a use-after-free bug in diesels Sqlite backend Critical
CVE-2021-28305 was published for diesel (Rust) May 24, 2022
Use after free in heapless High
CVE-2020-36464 was published for heapless (Rust) Aug 25, 2021
Use after free in generic-array High
CVE-2020-36465 was published for generic-array (Rust) Aug 25, 2021
Use After Free in lucet High
CVE-2021-43790 was published for lucet-runtime (Rust) Nov 30, 2021
iximeow acfoltzer
cratelyn aturon alexcrichton aggarwaa
Credited to iximeow, acfoltzer, cratelyn, aturon, alexcrichton, and aggarwaa
Memory handling issues in xcb Moderate
CVE-2020-36205 was published for xcb (Rust) Aug 25, 2021
Memory Safety Issue when using patch or merge on state and assign the result back to state Moderate
CVE-2021-39228 was published for tremor-script (Rust) Sep 20, 2021
Use after free and double free in bitvec Critical
CVE-2020-35862 was published for bitvec (Rust) Aug 25, 2021
futures_task::waker may cause a use-after-free if used on a type that isn't 'static High
CVE-2020-35906 was published for futures-task (Rust) May 24, 2022
Use after free in libflate Critical
CVE-2019-15552 was published for libflate (Rust) Aug 25, 2021
tdunlap607
Credited to tdunlap607
Use After Free in libpulse-binding High
CVE-2018-25028 was published for libpulse-binding (Rust) Jan 6, 2022
Use After Free in libpulse-binding High
CVE-2018-25027 was published for libpulse-binding (Rust) Jan 6, 2022
Use after free in image Critical
CVE-2019-16138 was published for image (Rust) Aug 25, 2021
Use After Free in lru High
CVE-2021-45720 was published for lru (Rust) Jan 7, 2022
Use after free in openssl Critical
CVE-2018-20997 was published for openssl (Rust) Aug 25, 2021
Use after free in nano_arena Critical
CVE-2021-28032 was published for nano_arena (Rust) Aug 25, 2021
Use After Free in rusqlite High
CVE-2021-45719 was published for rusqlite (Rust) Jan 6, 2022
Use After Free in rusqlite High
CVE-2021-45713 was published for rusqlite (Rust) Jan 6, 2022
tdunlap607
Credited to tdunlap607
Use After Free in rusqlite High
CVE-2021-45716 was published for rusqlite (Rust) Jan 6, 2022
Use After Free in rusqlite High
CVE-2021-45717 was published for rusqlite (Rust) Jan 6, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database