Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

849 advisories

Loading
SurrealDB has an Uncaught Exception Sorting Tables by Random Order Moderate
GHSA-m52v-24p8-654f was published for surrealdb (Rust) Nov 22, 2024
finnbear extrawurst
SurrealDB has an Uncaught Exception Handling Nonexistent Role Moderate
GHSA-jc55-246c-r88f was published for surrealdb (Rust) Nov 22, 2024
garyhai
SurrealDB has an Uncaught Exception in Function Generating Random Time Moderate
GHSA-h4f5-h82v-5w4r was published for surrealdb (Rust) Nov 22, 2024
Sharks has a Bias of Polynomial Coefficients in Secret Sharing Moderate
GHSA-jp37-5qhw-mffw was published for sharks (Rust) Nov 18, 2024
zlib-rs stack overflow during decompression with malicious input Moderate
GHSA-j3px-q95c-9683 was published for libz-rs-sys (Rust) Nov 14, 2024
inahga
s2n-tls has undefined behavior at process exit Low
GHSA-rp9h-rf7g-hwgr was published for s2n-tls (Rust) Nov 14, 2024
Mimalloc Can Allocate Memory with Bad Alignment Moderate
GHSA-g23h-7vf9-xc25 was published for mimalloc (Rust) Nov 12, 2024
paillier-zk has ambiguous challenge derivation Low
GHSA-fpr5-jp2j-4q2f was published for paillier-zk (Rust) Nov 12, 2024
cggmp21 vulnerable to ambiguous challenge derivation Low
GHSA-rm66-9gh4-4gp8 was published for cggmp21 (Rust) Nov 12, 2024
`simd-json-derive` vulnerable to `MaybeUninit` misuse Moderate
GHSA-pqpw-89w5-82v5 was published for simd-json-derive (Rust) Nov 12, 2024
cggmp21-keygen has ambiguous challenge derivation Low
GHSA-7jjx-3qw9-j6h6 was published for cggmp21-keygen (Rust) Nov 12, 2024
`fast-float` has multiple soundness issues Low
GHSA-x8jh-xj3x-gx3c was published for fast-float (Rust) Nov 12, 2024
wasm3 uncontrolled memory allocation vulnerability Moderate
CVE-2024-27529 was published for github.com/shareup/wasm-interpreter-apple (pip) Nov 9, 2024
sp1 has insufficient observation of cumulative sum Low
GHSA-8m24-3cfx-9fjw was published for sp1-recursion-circuit (Rust) Nov 8, 2024
jj vulnerable to path traversal via crafted Git repositories Critical
CVE-2024-51990 was published for jj-lib (Rust) Nov 7, 2024
joernchen yuja
cap-std doesn't fully sandbox all the Windows device filenames Low
CVE-2024-51756 was published for cap-async-std (Rust) Nov 5, 2024
nathaniel-daniel
Wasmtime doesn't fully sandbox all the Windows device filenames Low
CVE-2024-51745 was published for wasmtime (Rust) Nov 5, 2024
nathaniel-daniel
loona-hpack Panic Vulnerability Moderate
CVE-2024-51502 was published for loona-hpack (Rust) Nov 4, 2024
sp1-recursion-gnark-ffi has insufficient range checks of BabyBear arithmetic Moderate
GHSA-f77q-r5qm-w4m8 was published for sp1-recursion-gnark-ffi (Rust) Oct 29, 2024
PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references Moderate
CVE-2024-9979 was published for pyo3 (Rust) Oct 15, 2024
Duplicate Advisory: PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references Moderate
GHSA-f8x4-f32r-w556 was published for pyo3 (Rust) Oct 15, 2024 withdrawn
wasmtime has a runtime crash when combining tail calls with trapping imports Moderate
CVE-2024-47763 was published for wasmtime (Rust) Oct 9, 2024
alexcrichton fitzgen
Databento Binary Encoding (DBN) has a heap buffer overflow using c_chars_to_str function Moderate
GHSA-pfr9-2p92-qrhq was published for dbn (Rust) Oct 9, 2024
Improper Authorization in Select Permissions High
GHSA-9722-9j67-vjcr was published for surrealdb (Rust) Oct 8, 2024
5hanth Xkonti
ProTip! Advisories are also available from the GraphQL API