GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
503 advisories
Filter by severity
An arbitrary file upload vulnerability in the camera_upload.php component of PMB v7.4.6 allows...
Critical
Unreviewed
CVE-2023-24734
was published
Mar 6, 2023
A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in...
Critical
Unreviewed
CVE-2023-25363
was published
Mar 2, 2023
A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK...
Critical
Unreviewed
CVE-2023-25362
was published
Mar 2, 2023
A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8...
Critical
Unreviewed
CVE-2023-25361
was published
Mar 2, 2023
A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8...
Critical
Unreviewed
CVE-2023-25358
was published
Mar 2, 2023
A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8...
Critical
Unreviewed
CVE-2023-25360
was published
Mar 2, 2023
An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option...
Critical
Unreviewed
CVE-2021-33391
was published
Feb 17, 2023
When processing files, malloc stores the data of the current line. When processing comments,...
Critical
Unreviewed
CVE-2021-33641
was published
Jan 20, 2023
An issue was discovered in ksmbd in the Linux kernel before 5.19.2. fs/ksmbd/smb2pdu.c has a use...
Critical
Unreviewed
CVE-2022-47939
was published
Dec 23, 2022
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable...
Critical
Unreviewed
CVE-2022-26486
was published
Dec 22, 2022
Session history navigations may have led to a use-after-free and potentially exploitable crash....
Critical
Unreviewed
CVE-2022-34470
was published
Dec 22, 2022
A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This...
Critical
Unreviewed
CVE-2022-46882
was published
Dec 22, 2022
After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is...
Critical
Unreviewed
CVE-2021-33640
was published
Dec 19, 2022
drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request.
Critical
Unreviewed
CVE-2022-45474
was published
Nov 18, 2022
Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory...
Critical
Unreviewed
CVE-2022-43286
was published
Oct 29, 2022
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the...
Critical
Unreviewed
CVE-2022-3649
was published
Oct 22, 2022
A vulnerability was found in Exim and classified as problematic. This issue affects the function...
Critical
Unreviewed
CVE-2022-3620
was published
Oct 21, 2022
The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this...
Critical
Unreviewed
CVE-2022-38983
was published
Oct 14, 2022
SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function...
Critical
Unreviewed
CVE-2022-40009
was published
Sep 21, 2022
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
Critical
Unreviewed
CVE-2022-40674
was published
Sep 15, 2022
A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io()...
Critical
Unreviewed
CVE-2022-2526
was published
Sep 10, 2022
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190...
Critical
Unreviewed
CVE-2022-2738
was published
Sep 2, 2022
The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes...
Critical
Unreviewed
CVE-2022-20122
was published
Aug 25, 2022
The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes...
Critical
Unreviewed
CVE-2021-39815
was published
Aug 25, 2022
HTTP applications (servers) based on Crow through 1.0+4 may allow a Use-After-Free and code...
Critical
Unreviewed
CVE-2022-38667
was published
Aug 23, 2022
ProTip!
Advisories are also available from the
GraphQL API