Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

86 advisories

Loading
move_elements can double-free objects on panic Critical
CVE-2021-28031 was published for scratchpad (Rust) May 24, 2022
drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via... Critical Unreviewed
CVE-2019-15504 was published May 24, 2022
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017... Critical Unreviewed
CVE-2019-8044 was published May 24, 2022
In the Linux kernel before 4.16.4, a double free vulnerability in the f_midi_set_alt function of... Critical Unreviewed
CVE-2018-20961 was published May 24, 2022
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC... Critical Unreviewed
CVE-2019-12874 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017... Critical Unreviewed
CVE-2019-7080 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017... Critical Unreviewed
CVE-2019-7784 was published May 24, 2022
Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c... Critical Unreviewed
CVE-2016-3132 was published May 17, 2022
Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have... Critical Unreviewed
CVE-2016-3177 was published May 17, 2022
Creolabs Gravity version 1.0 is vulnerable to a Double Free in gravity_value resulting... Critical Unreviewed
CVE-2017-1000072 was published May 17, 2022
Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows... Critical Unreviewed
CVE-2017-12858 was published May 17, 2022
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows... Critical Unreviewed
CVE-2015-7700 was published May 17, 2022
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd)... Critical Unreviewed
CVE-2016-6912 was published May 17, 2022
Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the... Critical Unreviewed
CVE-2016-5768 was published May 14, 2022
Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension... Critical Unreviewed
CVE-2016-5772 was published May 14, 2022
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors. Critical Unreviewed
CVE-2017-1000231 was published May 14, 2022
The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote... Critical Unreviewed
CVE-2018-7263 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and... Critical Unreviewed
CVE-2015-9165 was published May 14, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon... Critical Unreviewed
CVE-2018-3593 was published May 14, 2022
The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is... Critical Unreviewed
CVE-2017-16820 was published May 14, 2022
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26... Critical Unreviewed
CVE-2017-5334 was published May 14, 2022
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic... Critical Unreviewed
CVE-2017-18201 was published May 14, 2022
The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing... Critical Unreviewed
CVE-2016-8618 was published May 14, 2022
In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free.... Critical Unreviewed
CVE-2018-9356 was published May 14, 2022
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c... Critical Unreviewed
CVE-2017-18174 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database