Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
Leak in Aliyun KeySecret Moderate
CVE-2022-39397 was published for aliyun-oss-client (Rust) Nov 21, 2022
Exposure of Sensitive Information to an Unauthorized Actor in MongoDB Rust Driver Moderate
CVE-2021-20332 was published for mongodb (Rust) May 24, 2022
alex-semenyuk richardfan0606
File exposure in pleaser Low
CVE-2021-31153 was published for pleaser (Rust) Aug 25, 2021
another-rex
Slack Morphism for Rust before 0.41.0 can leak Slack OAuth client information in application debug logs High
CVE-2022-31162 was published for slack-morphism (Rust) Jul 20, 2022
tdunlap607
SQLpage vulnerable to public exposure of database credentials Critical
CVE-2023-42454 was published for sqlpage (Rust) Sep 21, 2023
Environment variables still accessible through /proc Moderate
GHSA-wj7f-468m-6mv8 was published for birdcage (Rust) Dec 1, 2023
Tauri's Updater Private Keys Possibly Leaked via Vite Environment Variables High
CVE-2023-46115 was published for @tauri-apps/cli (npm) Oct 20, 2023
Any authenticated user may obtain private message details from other users on the same instance High
CVE-2024-23649 was published for lemmy_server (Rust) Jan 24, 2024
Nothing4You
PQClean has a correctness error in HQC decapsulation High
GHSA-753p-wrj5-g8fj was published for pqcrypto-hqc (Rust) Dec 11, 2024
dgoudarzi SWilson4
TunnelVision - decloaking VPNs using DHCP Moderate
GHSA-hqmp-g7ph-x543 was published for quincy (Rust) Dec 27, 2024
fetch: Authorization headers not dropped when redirecting cross-origin High
CVE-2025-21620 was published for deno (Rust) Jan 6, 2025
rexxars
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database