Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,830
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

904 advisories

Loading
ntpd NTS client denial of service via wrongly sized cookies Moderate
GHSA-v83q-83hj-rw38 was published for ntpd (Rust) Feb 28, 2025
rzaba0
Below has Incorrect Permission Assignment for Critical Resource High
CVE-2025-27591 was published for below (Rust) Mar 11, 2025
mgerstner
Withdrawn Advisory: urlnorm vulnerable to Regular Expression Denial of Service High
CVE-2023-33289 was published for urlnorm (Rust) Jun 21, 2023 withdrawn
Crash due to uncontrolled recursion in protobuf crate Moderate
GHSA-2gh3-rmm4-6rq5 was published for protobuf (Rust) Mar 7, 2025
qcp has possible crash/DOS in some build configurations Moderate
GHSA-fmwf-c46w-r8qm was published for qcp (Rust) Mar 8, 2025
Some AES functions may panic when overflow checking is enabled in ring Moderate
GHSA-4p46-pwfr-66x6 was published for ring (Rust) Mar 7, 2025
AEADs/ascon-aead: Plaintext exposed in decrypt_in_place_detached even on tag verification failure Moderate
CVE-2025-27498 was published for ascon_aead (Rust) Mar 3, 2025
thealtofwar
OpenH264 Rust API Openh264 Decoding Functions Heap Overflow Vulnerability High
GHSA-5pmw-9j92-3c4c was published for openh264-sys2 (Rust) Feb 24, 2025
Namada-apps allows Excessive Computation in Mempool Validation Critical
GHSA-f8qm-hmm3-fv7f was published for namada-apps (Rust) Feb 20, 2025
feliam
Namada-apps can Crash with Excessive Computation in Mempool Validation Critical
GHSA-82vg-5v4f-f9wq was published for namada-apps (Rust) Feb 20, 2025
feliam
Namada-apps allows Post-Genesis Validator Bypass Critical
GHSA-2gw2-qgjg-xh6p was published for namada-apps (Rust) Feb 20, 2025
Fyrox has unsound usages of `Vec::from_raw_parts` Low
GHSA-h7h7-6mx3-r89v was published for fyrox-core (Rust) Feb 14, 2025
Uncaught Panic in ORML Rewards Pallet High
GHSA-5v93-9mqw-p9mh was published for orml-rewards (Rust) Feb 14, 2025
Default functions in VolatileMemory trait lack bounds checks, potentially leading to out-of-bounds memory accesses Low
CVE-2023-41051 was published for vm-memory (Rust) Sep 4, 2023
Manishearth
openssl-src contains Read Buffer Overflow in X.509 Name Constraint Critical
CVE-2022-4203 was published for openssl-src (Rust) Feb 8, 2023
openssl-src subject to NULL dereference validating DSA public key High
CVE-2023-0217 was published for openssl-src (Rust) Feb 8, 2023
openssl-src subject to Timing Oracle in RSA Decryption Moderate
CVE-2022-4304 was published for openssl-src (Rust) Feb 8, 2023
another-rex
openssl-src subject to Invalid pointer dereference in `d2i_PKCS7` functions High
CVE-2023-0216 was published for openssl-src (Rust) Feb 8, 2023
openssl-src vulnerable to Use-after-free following `BIO_new_NDEF` High
CVE-2023-0215 was published for openssl-src (Rust) Feb 8, 2023
another-rex
openssl-src contains Double free after calling `PEM_read_bio_ex` High
CVE-2022-4450 was published for openssl-src (Rust) Feb 8, 2023
michaelkedar
Vulnerable OpenSSL included in cryptography wheels High
CVE-2023-0286 was published for cryptography (pip) Feb 8, 2023
ehe9991
rust-openssl ssl::select_next_proto use after free Moderate
CVE-2025-24898 was published for openssl (Rust) Feb 3, 2025
mmastrac
Server-Side Request Forgery (SSRF) in activitypub_federation Moderate
CVE-2025-25194 was published for activitypub_federation (Rust) Feb 10, 2025
nnfrog
Hickory DNS failure to verify self-signed RRSIG for DNSKEYs Moderate
GHSA-v7pc-74h8-xq2h was published for hickory-proto (Rust) Feb 10, 2025
Hickory DNS's DNSSEC validation may accept broken authentication chains Moderate
CVE-2025-25188 was published for hickory-proto (Rust) Feb 10, 2025
divergentdave
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database