GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,932

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

524 advisories

Filter by severity

Sort by

Least recently updated

A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81... Critical Unreviewed

CVE-2023-28081 was published May 19, 2023

A use-after-free related to unsound inference in the bytecode generation when optimizations are... Critical Unreviewed

CVE-2023-30470 was published May 19, 2023

In OnWakelockReleased of attribution_processor.cc, there is a use after free that could lead to... Critical Unreviewed

CVE-2023-21096 was published Apr 19, 2023

Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to... Critical Unreviewed

CVE-2023-21459 was published Mar 16, 2023

An arbitrary file upload vulnerability in the camera_upload.php component of PMB v7.4.6 allows... Critical Unreviewed

CVE-2023-24734 was published Mar 6, 2023

A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK... Critical Unreviewed

CVE-2023-25362 was published Mar 2, 2023

A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in... Critical Unreviewed

CVE-2023-25363 was published Mar 2, 2023

A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8... Critical Unreviewed

CVE-2023-25361 was published Mar 2, 2023

A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8... Critical Unreviewed

CVE-2023-25358 was published Mar 2, 2023

A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8... Critical Unreviewed

CVE-2023-25360 was published Mar 2, 2023

An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option... Critical Unreviewed

CVE-2021-33391 was published Feb 17, 2023

When processing files, malloc stores the data of the current line. When processing comments,... Critical Unreviewed

CVE-2021-33641 was published Jan 20, 2023

An issue was discovered in ksmbd in the Linux kernel before 5.19.2. fs/ksmbd/smb2pdu.c has a use... Critical Unreviewed

CVE-2022-47939 was published Dec 23, 2022

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable... Critical Unreviewed

CVE-2022-26486 was published Dec 22, 2022

Session history navigations may have led to a use-after-free and potentially exploitable crash.... Critical Unreviewed

CVE-2022-34470 was published Dec 22, 2022

A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This... Critical Unreviewed

CVE-2022-46882 was published Dec 22, 2022

After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is... Critical Unreviewed

CVE-2021-33640 was published Dec 19, 2022

drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request. Critical Unreviewed

CVE-2022-45474 was published Nov 18, 2022

Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory... Critical Unreviewed

CVE-2022-43286 was published Oct 29, 2022

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the... Critical Unreviewed

CVE-2022-3649 was published Oct 22, 2022

A vulnerability was found in Exim and classified as problematic. This issue affects the function... Critical Unreviewed

CVE-2022-3620 was published Oct 21, 2022

The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this... Critical Unreviewed

CVE-2022-38983 was published Oct 14, 2022

SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function... Critical Unreviewed

CVE-2022-40009 was published Sep 21, 2022

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. Critical Unreviewed

CVE-2022-40674 was published Sep 15, 2022

A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io()... Critical Unreviewed

CVE-2022-2526 was published Sep 10, 2022

Previous 1 2 3 4 5 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

524 advisories