GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,204
Composer 4,097
Erlang 29
GitHub Actions 19
Go 1,925
Maven 5,117
npm 3,657
NuGet 638
pip 3,264
Pub 10
RubyGems 873
Rust 823
Swift 35

Unreviewed advisories

All unreviewed 229,419

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

503 advisories

Filter by severity

Sort by

Least recently updated

An arbitrary file upload vulnerability in the camera_upload.php component of PMB v7.4.6 allows... Critical Unreviewed

CVE-2023-24734 was published Mar 6, 2023

A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in... Critical Unreviewed

CVE-2023-25363 was published Mar 2, 2023

A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK... Critical Unreviewed

CVE-2023-25362 was published Mar 2, 2023

A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8... Critical Unreviewed

CVE-2023-25361 was published Mar 2, 2023

A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8... Critical Unreviewed

CVE-2023-25358 was published Mar 2, 2023

A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8... Critical Unreviewed

CVE-2023-25360 was published Mar 2, 2023

An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option... Critical Unreviewed

CVE-2021-33391 was published Feb 17, 2023

When processing files, malloc stores the data of the current line. When processing comments,... Critical Unreviewed

CVE-2021-33641 was published Jan 20, 2023

An issue was discovered in ksmbd in the Linux kernel before 5.19.2. fs/ksmbd/smb2pdu.c has a use... Critical Unreviewed

CVE-2022-47939 was published Dec 23, 2022

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable... Critical Unreviewed

CVE-2022-26486 was published Dec 22, 2022

Session history navigations may have led to a use-after-free and potentially exploitable crash.... Critical Unreviewed

CVE-2022-34470 was published Dec 22, 2022

A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This... Critical Unreviewed

CVE-2022-46882 was published Dec 22, 2022

After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is... Critical Unreviewed

CVE-2021-33640 was published Dec 19, 2022

drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request. Critical Unreviewed

CVE-2022-45474 was published Nov 18, 2022

Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory... Critical Unreviewed

CVE-2022-43286 was published Oct 29, 2022

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the... Critical Unreviewed

CVE-2022-3649 was published Oct 22, 2022

A vulnerability was found in Exim and classified as problematic. This issue affects the function... Critical Unreviewed

CVE-2022-3620 was published Oct 21, 2022

The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this... Critical Unreviewed

CVE-2022-38983 was published Oct 14, 2022

SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function... Critical Unreviewed

CVE-2022-40009 was published Sep 21, 2022

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. Critical Unreviewed

CVE-2022-40674 was published Sep 15, 2022

A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io()... Critical Unreviewed

CVE-2022-2526 was published Sep 10, 2022

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190... Critical Unreviewed

CVE-2022-2738 was published Sep 2, 2022

The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes... Critical Unreviewed

CVE-2022-20122 was published Aug 25, 2022

The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes... Critical Unreviewed

CVE-2021-39815 was published Aug 25, 2022

HTTP applications (servers) based on Crow through 1.0+4 may allow a Use-After-Free and code... Critical Unreviewed

CVE-2022-38667 was published Aug 23, 2022

Previous 1 2 3 4 5 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

503 advisories