GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
347 advisories
Use after free in actix-service
Moderate
CVE-2020-35899
was published
for
actix-service
(Rust)
Aug 25, 2021
wasmtime has a runtime crash when combining tail calls with trapping imports
Moderate
CVE-2024-47763
was published
for
wasmtime
(Rust)
Oct 9, 2024
Wasmtime out of bounds read/write with zero-memory-pages configuration
Moderate
CVE-2022-39392
was published
for
wasmtime
(Rust)
Nov 10, 2022
Cranelift vulnerable to miscompilation of constant values in division on AArch64
Moderate
CVE-2022-31169
was published
for
cranelift-codegen
(Rust)
Jul 21, 2022
Miscompilation of `i8x16.swizzle` and `select` with v128 inputs
Moderate
CVE-2022-31104
was published
for
cranelift-codegen
(Rust)
Jun 29, 2022
Wasmtime vulnerable to Use After Free with `externref`s
Moderate
CVE-2022-31146
was published
for
cranelift-codegen
(Rust)
Jul 20, 2022
Invalid drop of partially-initialized instances in the pooling instance allocator for modules with defined `externref` globals
Moderate
CVE-2022-23636
was published
for
wasmtime
(Rust)
Feb 16, 2022
Pleezer resource exhaustion through uncollected hook script processes
Moderate
CVE-2025-32439
was published
for
pleezer
(Rust)
Apr 14, 2025
SurrealDB bypass of deny-net flags via redirect results in server-side request forgery (SSRF)
Moderate
GHSA-5q9x-554g-9jgg
was published
for
surrealdb
(Rust)
Apr 11, 2025
SurrealDB vulnerable to memory exhaustion via nested functions and scripts
Moderate
GHSA-m7rc-8w7m-r9qr
was published
for
surrealdb
(Rust)
Apr 10, 2025
Lemmy user purging users or communities or banning users can delete images they didn't upload/exclusively use
Moderate
GHSA-wr2m-38xh-rpc9
was published
for
lemmy_server
(Rust)
Apr 8, 2025
Jujutsu does not have SHA-1 collision detection
Moderate
GHSA-794x-2rpg-rfgr
was published
for
jj-cli
(Rust)
Apr 7, 2025
gitoxide does not detect SHA-1 collision attacks
Moderate
CVE-2025-31130
was published
for
gitoxide
(Rust)
Apr 4, 2025
tough root metadata version is not checked for sequential versioning
Moderate
CVE-2025-2885
was published
for
tough
(Rust)
Mar 28, 2025
tough terminating targets role delegations are not respected
Moderate
CVE-2025-2886
was published
for
tough
(Rust)
Mar 28, 2025
ProTip!
Advisories are also available from the
GraphQL API