GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
25 advisories
Filter by severity
Memory access due to code generation flaw in Cranelift module
High
CVE-2021-32629
was published
for
cranelift-codegen
(Rust)
Aug 25, 2021
Out of bounds read in simple-slab
Critical
CVE-2020-35892
was published
for
simple-slab
(Rust)
Aug 25, 2021
Cap'n Proto and its Rust implementation vulnerable to out-of-bounds read due to logic error handling list-of-list
Moderate
CVE-2022-46149
was published
for
capnp
(Rust)
Dec 5, 2022
linux-loader reading beyond EOF could lead to infinite loop
Low
CVE-2022-23523
was published
for
linux-loader
(Rust)
Dec 12, 2022
partial_sort contains Out-of-bounds Read in release mode
Moderate
GHSA-5x36-7567-3cw6
was published
for
partial_sort
(Rust)
Feb 28, 2023
wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64
Critical
CVE-2023-26489
was published
for
cranelift-codegen
(Rust)
Mar 9, 2023
Wasmtime out of bounds read/write with zero-memory-pages configuration
Moderate
CVE-2022-39392
was published
for
wasmtime
(Rust)
Nov 10, 2022
Versionize::deserialize implementation for FamStructWrapper<T> is lacking bound checks, potentially leading to out of bounds memory accesses
Moderate
CVE-2023-28448
was published
for
versionize
(Rust)
Mar 24, 2023
Deno improperly handles resizable ArrayBuffer
Critical
CVE-2023-28445
was published
for
Deno
(Rust)
Mar 23, 2023
Out of bounds access in compact_arena
Critical
CVE-2019-16139
was published
for
compact_arena
(Rust)
Aug 25, 2021
Out of bounds read in lazy-init
Moderate
CVE-2021-25901
was published
for
lazy-init
(Rust)
Aug 25, 2021
Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime
Moderate
CVE-2021-39218
was published
for
wasmtime
(Rust)
Sep 20, 2021
Out of bounds access in lucet-runtime-internals
Critical
CVE-2020-35859
was published
for
lucet-runtime-internals
(Rust)
Aug 25, 2021
Default functions in VolatileMemory trait lack bounds checks, potentially leading to out-of-bounds memory accesses
Low
CVE-2023-41051
was published
for
vm-memory
(Rust)
Sep 4, 2023
openssl-src contains Read Buffer Overflow in X.509 Name Constraint
Critical
CVE-2022-4203
was published
for
openssl-src
(Rust)
Feb 8, 2023
Read buffer overruns processing ASN.1 strings
High
CVE-2021-3712
was published
for
openssl-src
(Rust)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API