Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

226 advisories

Loading
crack does not properly restrict casts of string values High
CVE-2013-1800 was published for crack (RubyGems) Oct 24, 2017
extlib does not properly restrict casts of string values High
CVE-2013-1802 was published for extlib (RubyGems) Oct 24, 2017
Devise does not properly perform type conversion when performing database queries Moderate
CVE-2013-0233 was published for devise (RubyGems) Oct 24, 2017
Unsound casting in flatbuffers Critical
CVE-2019-25004 was published for flatbuffers (Rust) Aug 25, 2021
Dangling reference in flatbuffers High
CVE-2020-35864 was published for flatbuffers (Rust) Aug 25, 2021
os_str_bytes relies on undefined behavior of `char::from_u32_unchecked` High
CVE-2020-35865 was published for os_str_bytes (Rust) Aug 25, 2021
Unsoundness in bigint Critical
CVE-2020-35880 was published for bigint (Rust) Aug 25, 2021
Incorrect cast in anymap Critical
CVE-2021-38187 was published for anymap (Rust) Aug 25, 2021
Unaligned memory access in rand_core Critical
CVE-2020-25576 was published for rand_core (Rust) Aug 25, 2021
rillian
Cachet vulnerable to forced reinstall High
CVE-2021-39173 was published for cachethq/cachet (Composer) Aug 30, 2021
thomas-chauchefoin-sonarsource
Improperly checked metadata on tools/armour itemstacks received from the client High
GHSA-46c5-pfj8-fv65 was published for pocketmine/pocketmine-mp (Composer) Mar 18, 2022
JavierLeon9966
Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion... Critical Unreviewed
CVE-2018-4944 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API