GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
165 advisories
Deno node:crypto doesn't finalize cipher
Critical
CVE-2026-22863
was published
for
deno
(Rust)
Jan 16, 2026
Use-after-free in actix-codec
Critical
CVE-2020-35902
was published
for
actix-codec
(Rust)
Aug 25, 2021
Use after free in actix-utils
Critical
CVE-2020-35898
was published
for
actix-utils
(Rust)
Aug 25, 2021
wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64
Critical
CVE-2023-26489
was published
for
cranelift-codegen
(Rust)
Mar 9, 2023
SurrealDB server-takeover via SurrealQL injection on backup import
Critical
GHSA-ccj3-5p93-8p42
was published
for
surrealdb
(Rust)
Apr 11, 2025
Improper Scope Validation in the `open` Endpoint of `tauri-plugin-shell`
Critical
CVE-2025-31477
was published
for
@tauri-apps/plugin-shell
(npm)
Apr 2, 2025
Namada-apps allows Excessive Computation in Mempool Validation
Critical
GHSA-f8qm-hmm3-fv7f
was published
for
namada-apps
(Rust)
Feb 20, 2025
Namada-apps can Crash with Excessive Computation in Mempool Validation
Critical
GHSA-82vg-5v4f-f9wq
was published
for
namada-apps
(Rust)
Feb 20, 2025
panic on parsing crafted phonenumber inputs
Critical
CVE-2024-39697
was published
for
phonenumber
(Rust)
Jul 9, 2024
jj vulnerable to path traversal via crafted Git repositories
Critical
CVE-2024-51990
was published
for
jj-lib
(Rust)
Nov 7, 2024
Potential memory corruption in arrayfire
Critical
CVE-2018-20998
was published
for
arrayfire
(pip)
Aug 25, 2021
Type confusion if __private_get_type_id__ is overriden
Critical
CVE-2020-25575
was published
for
failure
(Rust)
Jun 16, 2022
SM2 Decryption Buffer Overflow
Critical
CVE-2021-3711
was published
for
openssl-src
(Rust)
May 24, 2022
Unable to generate the correct character set
Critical
CVE-2024-36400
was published
for
nano-id
(Rust)
Jun 4, 2024
ProTip!
Advisories are also available from the
GraphQL API