Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

22 advisories

Loading
Wrong memory orderings violates mutual exclusion in spin High
CVE-2019-16137 was published for spin (Rust) Aug 25, 2021
Data races in thex Moderate
CVE-2020-35927 was published for thex (Rust) Aug 25, 2021
Data races in gfwx High
CVE-2020-36211 was published for gfwx (Rust) Aug 25, 2021
Data races in late-static High
CVE-2020-36209 was published for late-static (Rust) Aug 25, 2021
Data races in aovec High
CVE-2020-36207 was published for aovec (Rust) Aug 25, 2021
Data races in conquer-once High
CVE-2020-36208 was published for conquer-once (Rust) Aug 25, 2021
Data races in rusb High
CVE-2020-36206 was published for rusb (Rust) Aug 25, 2021
Data races in im Moderate
CVE-2020-36204 was published for im (Rust) Aug 25, 2021
bartschuller Credited to bartschuller and tdunlap607 tdunlap607 tdunlap607
Data race in atomic-option Moderate
CVE-2020-36219 was published for atomic-option (Rust) Aug 25, 2021
Improper synchronization in buttplug Moderate
CVE-2020-36218 was published for buttplug (Rust) Aug 25, 2021
Data race in may_queue Moderate
CVE-2020-36217 was published for may_queue (Rust) Aug 25, 2021
Data race in eventio Moderate
CVE-2020-36216 was published for eventio (Rust) Aug 25, 2021
Data races in hashconsing High
CVE-2020-36215 was published for hashconsing (Rust) Aug 25, 2021
Data races in multiqueue2 Moderate
CVE-2020-36214 was published for multiqueue2 (Rust) Aug 25, 2021
Data race in va-ts Moderate
CVE-2020-36220 was published for va-ts (Rust) Aug 25, 2021
Improper Synchronization and Race Condition in vm-memory High
CVE-2020-13759 was published for vm-memory (Rust) Aug 25, 2021
Deadlock in mutually recursive `tf.function` objects Moderate
CVE-2021-41213 was published for tensorflow (pip) Nov 10, 2021
Improper Synchronization in Jenkins Convertigo Mobile Platform Plugin Low
CVE-2022-25210 was published for com.convertigo.jenkins.plugins:convertigo-mobile-platform (Maven) Feb 16, 2022
NotMyFault Credited to NotMyFault
Grafana Missing Synchronization vulnerability High
CVE-2023-2801 was published for github.com/grafana/grafana (Go) Jun 6, 2023
Evmos transaction execution not accounting for all state transition after interaction with precompiles Critical
CVE-2024-32644 was published for github.com/evmos/evmos/v16 (Go) Apr 10, 2024
iczc Credited to iczc
Vyper has a double eval in For List Iter Low
CVE-2025-27104 was published for vyper (pip) Feb 21, 2025
OliveTin has unauthenticated DoS via concurrent map writes in OAuth2 state handling High
CVE-2026-28789 was published for github.com/OliveTin/OliveTin (Go) Mar 2, 2026
kule500 Credited to kule500
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database