Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,951
Erlang
39
GitHub Actions
38
Go
2,607
Maven
5,000+
npm
4,251
NuGet
757
pip
4,017
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

25 advisories

Loading
alloy-dyn-abi has DoS vulnerability on `alloy_dyn_abi::TypedData` hashing High
CVE-2025-62370 was published for alloy-dyn-abi (Rust) Oct 15, 2025
emostov cr-tk
Credited to emostov and cr-tk
cel-rust May Panic During Parsing of Invalid CEL Expressions High
CVE-2025-62162 was published for cel (Rust) Oct 11, 2025
howardjohn alexsnaps
Credited to howardjohn and alexsnaps
Crash due to uncontrolled recursion in protobuf crate Moderate
CVE-2025-53605 was published for protobuf (Rust) Mar 7, 2025
morningstarxcdcode
Credited to morningstarxcdcode
anon-vec lacks sufficient checks in public API Low
GHSA-pr59-jjr4-gcf6 was published for anon-vec (Rust) Jun 5, 2025
fast_id_map has a soundness issue and is unmaintained Moderate
GHSA-4h96-mv53-2c86 was published for fast_id_map (Rust) May 8, 2025
Improper Scope Validation in the `open` Endpoint of `tauri-plugin-shell` Critical
CVE-2025-31477 was published for @tauri-apps/plugin-shell (npm) Apr 2, 2025
Rigidity tweidinger
chippers lucasfernog
Credited to Rigidity, tweidinger, chippers, and lucasfernog
Validity check missing in Frontier Moderate
CVE-2021-41138 was published for pallet-ethereum (Rust) Oct 13, 2021
Transaction validity oversight in pallet-ethereum Moderate
CVE-2021-39193 was published for pallet-ethereum (Rust) Sep 1, 2021
qdrant is vulnerable to path traversal due to improper input validation in the `/collections/{name}/snapshots/upload` endpoint Critical
CVE-2024-3584 was published for qdrant (Rust) Jun 2, 2024
Deno's improper suffix match testing for DENO_AUTH_TOKENS Moderate
CVE-2024-27932 was published for deno (Rust) Mar 6, 2024
easrng mmastrac
Credited to easrng and mmastrac
Insufficient permission checking in `Deno.makeTemp*` APIs Moderate
CVE-2024-27931 was published for deno (Rust) Mar 5, 2024
ericcornelissen mmastrac
Credited to ericcornelissen and mmastrac
Grin Insufficient Validation High
CVE-2020-6638 was published for grin (Rust) May 24, 2022
lol-html panics on certain HTML inputs High
CVE-2023-4241 was published for lol-html (Rust) Aug 9, 2023
Denial of Service issue in quinn-proto High
CVE-2023-42805 was published for quinn-proto (Rust) Sep 21, 2023
QUICTester
Credited to QUICTester
WASM3 Improper Input Validation vulnerability High
CVE-2022-39974 was published for pywasm3 (pip) Sep 21, 2022
librsvg DoS via Cyclic References High
CVE-2015-7558 was published for librsvg (Rust) May 17, 2022
Improper Input Validation in renderdoc Critical
CVE-2019-16142 was published for renderdoc (Rust) Aug 25, 2021
Unexpected panic in multihash High
CVE-2020-35909 was published for multihash (Rust) Aug 25, 2021
Improper Input Validation in once_cell High
CVE-2019-16141 was published for once_cell (Rust) Aug 25, 2021
tdunlap607
Credited to tdunlap607
Improper Input Validation in fruity High
CVE-2021-43620 was published for fruity (Rust) Nov 16, 2021
Unexpected panic when decoding tokens in branca Moderate
CVE-2020-35918 was published for branca (Rust) Aug 25, 2021
tdunlap607
Credited to tdunlap607
Improper Input Validation in cookie High
CVE-2017-18589 was published for cookie (Rust) Aug 25, 2021
russh may use insecure Diffie-Hellman keys Moderate
CVE-2023-28113 was published for russh (Rust) Mar 17, 2023
Holzhaus lambdafu
Credited to Holzhaus and lambdafu
Apache Avro Rust SDK corrupted data read can cause crash High
CVE-2022-36125 was published for apache-avro (Rust) Aug 10, 2022
Unexpected panics in num-bigint Moderate
GHSA-v935-pqmr-g8v9 was published for num-bigint (Rust) Nov 3, 2021
guidovranken arvidn
Credited to guidovranken and arvidn
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database