Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

804 advisories

Loading
serde-json-wasm stack overflow during recursive JSON parsing High
GHSA-rr69-rxr6-8qwf was published for serde-json-wasm (Rust) Feb 9, 2024
Unauthenticated Nonce Increment in snow Moderate
GHSA-7g9j-g5jg-3vv3 was published for snow (Rust) Jan 24, 2024
libgit2-sys affected by memory corruption, denial of service, and arbitrary code execution in libgit2 High
GHSA-22q8-ghmq-63vf was published for libgit2-sys (Rust) Feb 12, 2024
Use after free in libpulse-binding Moderate
CVE-2018-25001 was published for libpulse-binding (Rust) Aug 30, 2021
socket2 invalidly assumes the memory layout of std::net::SocketAddr Moderate
CVE-2020-35920 was published for net2 (Rust) Aug 25, 2021
svix vulnerable to Authentication Bypass Moderate
CVE-2024-21491 was published for svix (Rust) Feb 13, 2024
atty potential unaligned read Low
GHSA-g98v-hv3f-hcfr was published for atty (Rust) Jun 30, 2023
SamirTalwar typecasto
AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure Moderate
CVE-2023-42811 was published for aes-gcm (Rust) Sep 22, 2023
nandita-v
Tungstenite allows remote attackers to cause a denial of service High
CVE-2023-43669 was published for tungstenite (Rust) Sep 21, 2023
bayandin tsal
Uncaught Exception Handling Parsing Errors on Line Terminators Moderate
GHSA-8xff-473h-f863 was published for surrealdb (Rust) Feb 21, 2024
Cheyenne1025
Uncaught Exception in Macro Expecting Native Function to Exist Moderate
GHSA-6wr5-jmpr-mjcx was published for surrealdb (Rust) Feb 21, 2024
idofilus
Externally Controlled Format String in Scripting Functions High
GHSA-q3gg-m8hr-h4x4 was published for surrealdb (Rust) Feb 21, 2024
akkie
Out-of-bounds Write in nix Moderate
CVE-2021-45707 was published for nix (Rust) Jan 6, 2022
Polyhistorian
Duplicate Advisory: Integer Overflow in HeaderMap::reserve() can cause Denial of Service High
CVE-2019-25008 was published for http (Rust) Jun 16, 2022 withdrawn
matveybaykalov
Insufficient permission checking in `Deno.makeTemp*` APIs Moderate
CVE-2024-27931 was published for deno (Rust) Mar 5, 2024
ericcornelissen mmastrac
Duplicate Advisory: eza Potential Heap Overflow Vulnerability for AArch64 Moderate
GHSA-3xc6-7h59-j2x4 was published for eza (Rust) Mar 6, 2024 withdrawn
eza Potential Heap Overflow Vulnerability for AArch64 High
CVE-2024-25817 was published for eza (Rust) Feb 8, 2024
CuB3y0nd FuzzyLitchi
cafkafk inspector-ambitious
*const c_void / ExternalPointer unsoundness leading to use-after-free Moderate
CVE-2024-27934 was published for Deno (Rust) Mar 6, 2024
leesh3288
Apollo Router's Compressed Payloads do not respect HTTP Payload Limits Moderate
CVE-2024-28101 was published for apollo-router (Rust) Mar 6, 2024
IvanGoncharov Geal
peakematt
Mio's tokens for named pipes may be delivered after deregistration High
CVE-2024-27308 was published for mio (Rust) Mar 4, 2024
rofoun radekvit
Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters Critical
CVE-2024-28123 was published for wasmi (Rust) Mar 7, 2024
quiche vulnerable to unbounded storage of information related to connection ID retirement Low
CVE-2024-1410 was published for quiche (Rust) Mar 13, 2024
marten-seemann
quiche vulnerable to unlimited resource allocation by QUIC CRYPTO frames flooding Moderate
CVE-2024-1765 was published for quiche (Rust) Mar 13, 2024
Miscompilation of `i8x16.swizzle` and `select` with v128 inputs Moderate
CVE-2022-31104 was published for cranelift-codegen (Rust) Jun 29, 2022
alexcrichton MaineK00n
ProTip! Advisories are also available from the GraphQL API