GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
69 advisories
Filter by severity
In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021,
avoid possible mbuf double...
Critical
Unreviewed
CVE-2024-10934
was published
Nov 15, 2024
A vulnerability was found in libyaml up to 0.2.5. Affected by this issue is the function...
Critical
Unreviewed
CVE-2024-35325
was published
Jun 13, 2024
A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig...
Critical
Unreviewed
CVE-2024-22097
was published
Feb 20, 2024
A double-free vulnerability exists in the BrainVision ASCII Header Parsing functionality of The...
Critical
Unreviewed
CVE-2024-23809
was published
Feb 20, 2024
An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free,...
Critical
Unreviewed
CVE-2023-49937
was published
Dec 14, 2023
A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and...
Critical
Unreviewed
CVE-2023-35784
was published
Jun 16, 2023
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
Critical
Unreviewed
CVE-2022-40515
was published
Mar 10, 2023
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules...
Critical
Unreviewed
CVE-2021-33304
was published
Feb 16, 2023
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms...
Critical
Unreviewed
CVE-2023-25136
was published
Feb 3, 2023
curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a...
Critical
Unreviewed
CVE-2022-42915
was published
Oct 30, 2022
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This...
Critical
Unreviewed
CVE-2022-0699
was published
Oct 17, 2022
Double free vulnerability in the storage module. Successful exploitation of this vulnerability...
Critical
Unreviewed
CVE-2022-39002
was published
Sep 17, 2022
Memory corruption in video driver due to double free while parsing ASF clip in Snapdragon Auto,...
Critical
Unreviewed
CVE-2022-25668
was published
Sep 3, 2022
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of...
Critical
Unreviewed
CVE-2022-23459
was published
Aug 20, 2022
A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation...
Critical
Unreviewed
CVE-2020-27794
was published
Aug 20, 2022
Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms...
Critical
Unreviewed
CVE-2022-22086
was published
Jun 15, 2022
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
Critical
Unreviewed
CVE-2019-5481
was published
May 24, 2022
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances...
Critical
Unreviewed
CVE-2021-22945
was published
May 24, 2022
Fluent Bit (aka fluent-bit) 1.7.0 through 1.7,4 has a double free in flb_free (called from...
Critical
Unreviewed
CVE-2021-36088
was published
May 24, 2022
Miniaudio 0.10.35 has a Double free vulnerability that could cause a buffer overflow in...
Critical
Unreviewed
CVE-2021-34184
was published
May 24, 2022
Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon...
Critical
Unreviewed
CVE-2021-1910
was published
May 24, 2022
In the standard library in Rust before 1.53.0, a double free can occur in the Vec::from_iter...
Critical
Unreviewed
CVE-2021-31162
was published
May 24, 2022
In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the...
Critical
Unreviewed
CVE-2020-36318
was published
May 24, 2022
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double...
Critical
Unreviewed
CVE-2021-0397
was published
May 24, 2022
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common...
Critical
Unreviewed
CVE-2021-28041
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API