Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

317 advisories

Loading
ink! vulnerable to incorrect decoding of storage value when using `DelegateCall` Moderate
CVE-2023-34449 was published for ink (Rust) Jun 14, 2023
Ouroboros is Unsound Moderate
GHSA-87mf-9wg6-ppf8 was published for ouroboros (Rust) Jun 12, 2023
trust-dns vulnerable to Remote Attackers causing Denial-of-Service (packet loops) with crafted DNS packets Moderate
GHSA-5fm9-h728-fwpj was published for trust-dns-server (Rust) Jun 6, 2023
Stored cross site scripting in Microbin Moderate
CVE-2023-27075 was published for microbin (Rust) May 4, 2023
Tauri Open Redirect Vulnerability Possibly Exposes IPC to External Sites Moderate
CVE-2023-31134 was published for tauri (Rust) May 3, 2023
AWS SDK for Rust will log AWS credentials when TRACE-level logging is enabled for request sending Moderate
CVE-2023-30610 was published for aws-sigv4 (Rust) Apr 26, 2023
Adverserial use of `make_bitflags!` macro can cause undefined behavior Moderate
GHSA-qvc4-78gw-pv8p was published for enumflags2 (Rust) Apr 24, 2023
Parsing borsh messages with ZST which are not-copy/clone is unsound Moderate
GHSA-fjx5-qpf4-xjf2 was published for borsh (Rust) Apr 17, 2023
h2 vulnerable to denial of service Moderate
CVE-2023-26964 was published for h2 (Rust) Apr 11, 2023
FirelightFlagboy seanmonstar
KisaragiEffective JohnTitor
ntru-rs has unsound FFI: Wrong API usage causes write past allocated area Moderate
GHSA-fq33-vmhv-48xh was published for ntru (Rust) Apr 7, 2023
Regular Expression Denial of Service in Deno.upgradeWebSocket API Moderate
CVE-2023-26103 was published for deno (Rust) Apr 3, 2023
dellalibera
Comrak AST node data is not validated (GHSL-2023-049) Moderate
CVE-2023-28631 was published for comrak (Rust) Mar 28, 2023
darakian
Comrak vulnerable to production of excessive output when parsing Markdown (GHSL-2023-048) Moderate
GHSA-xxmq-4vph-956w was published for comrak (Rust) Mar 28, 2023
philipturnbull
Comrak vulnerable to quadratic runtime issues when parsing Markdown (GHSL-2023-047) Moderate
CVE-2023-28626 was published for comrak (Rust) Mar 28, 2023
philipturnbull
NATS TLS certificate common name validation bypass Moderate
GHSA-wvc4-j7g5-4f79 was published for nats (Rust) Mar 27, 2023
`openssl` `X509NameBuilder::build` returned object is not thread safe Moderate
GHSA-3gxf-9r58-2ghg was published for openssl (Rust) Mar 24, 2023
async-nats vulnerable to TLS certificate common name validation bypass Moderate
GHSA-f5v5-ccqc-6w36 was published for async-nats (Rust) Mar 24, 2023
`rmp-serde` `Raw` and `RawRef` may crash when receiving invalid UTF-8 Moderate
GHSA-255r-3prx-mf99 was published for rmp-serde (Rust) Mar 22, 2023
NULL pointer derefernce in `stb_image` Moderate
GHSA-ppjr-267j-5p9x was published for stb_image (Rust) Mar 20, 2023
russh may use insecure Diffie-Hellman keys Moderate
CVE-2023-28113 was published for russh (Rust) Mar 17, 2023
Holzhaus lambdafu
`out_reference::Out::from_raw` should be `unsafe` Moderate
GHSA-p7mj-xvxg-grff was published for out-reference (Rust) Mar 13, 2023
Maligned causes incorrect deallocation Moderate
GHSA-wm8x-php5-hvq6 was published for maligned (Rust) Mar 7, 2023
partial_sort contains Out-of-bounds Read in release mode Moderate
GHSA-5x36-7567-3cw6 was published for partial_sort (Rust) Feb 28, 2023
ProTip! Advisories are also available from the GraphQL API