GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
19 advisories
Filter by severity
Improper Input Validation in cookie
High
CVE-2017-18589
was published
for
cookie
(Rust)
Aug 25, 2021
Improper Input Validation in once_cell
High
CVE-2019-16141
was published
for
once_cell
(Rust)
Aug 25, 2021
Improper Input Validation in renderdoc
Critical
CVE-2019-16142
was published
for
renderdoc
(Rust)
Aug 25, 2021
Unexpected panic when decoding tokens in branca
Moderate
CVE-2020-35918
was published
for
branca
(Rust)
Aug 25, 2021
Transaction validity oversight in pallet-ethereum
Moderate
CVE-2021-39193
was published
for
pallet-ethereum
(Rust)
Sep 1, 2021
Validity check missing in Frontier
Moderate
CVE-2021-41138
was published
for
pallet-ethereum
(Rust)
Oct 13, 2021
Unexpected panics in num-bigint
Moderate
GHSA-v935-pqmr-g8v9
was published
for
num-bigint
(Rust)
Nov 3, 2021
Improper Input Validation in fruity
High
CVE-2021-43620
was published
for
fruity
(Rust)
Nov 16, 2021
Apache Avro Rust SDK corrupted data read can cause crash
High
CVE-2022-36125
was published
for
apache-avro
(Rust)
Aug 10, 2022
WASM3 Improper Input Validation vulnerability
High
CVE-2022-39974
was published
for
pywasm3
(pip)
Sep 21, 2022
russh may use insecure Diffie-Hellman keys
Moderate
CVE-2023-28113
was published
for
russh
(Rust)
Mar 17, 2023
lol-html panics on certain HTML inputs
High
CVE-2023-4241
was published
for
lol-html
(Rust)
Aug 9, 2023
Denial of Service issue in quinn-proto
High
CVE-2023-42805
was published
for
quinn-proto
(Rust)
Sep 21, 2023
Insufficient permission checking in `Deno.makeTemp*` APIs
Moderate
CVE-2024-27931
was published
for
deno
(Rust)
Mar 5, 2024
Deno's improper suffix match testing for DENO_AUTH_TOKENS
Moderate
CVE-2024-27932
was published
for
deno
(Rust)
Mar 6, 2024
qdrant is vulnerable to path traversal due to improper input validation in the `/collections/{name}/snapshots/upload` endpoint
Critical
CVE-2024-3584
was published
for
qdrant
(Rust)
Jun 2, 2024
ProTip!
Advisories are also available from the
GraphQL API