Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

503 advisories

Loading
Use After Free in node.js Critical Unreviewed
CVE-2021-22930 was published Oct 8, 2021
Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker... Critical Unreviewed
CVE-2021-38002 was published Nov 24, 2021
When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use... Critical Unreviewed
CVE-2021-38504 was published Dec 9, 2021
Use After Free in Conda vim prior to 8.2. Critical Unreviewed
CVE-2022-0443 was published Feb 8, 2022
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0. Critical Unreviewed
CVE-2022-0139 was published Feb 9, 2022
njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in... Critical Unreviewed
CVE-2022-25139 was published Feb 15, 2022
Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker... Critical Unreviewed
CVE-2022-0290 was published Feb 15, 2022
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. Critical Unreviewed
CVE-2022-0559 was published Feb 17, 2022
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter... Critical Unreviewed
CVE-2021-21708 was published Feb 28, 2022
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS... Critical Unreviewed
CVE-2022-22641 was published Mar 19, 2022
use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2. Critical Unreviewed
CVE-2022-1106 was published Mar 28, 2022
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. Critical Unreviewed
CVE-2022-1154 was published Mar 31, 2022
Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2.... Critical Unreviewed
CVE-2022-1212 was published Apr 6, 2022
Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who... Critical Unreviewed
CVE-2022-0790 was published Apr 6, 2022
Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker... Critical Unreviewed
CVE-2022-0452 was published Apr 6, 2022
nginx njs 0.7.2 is affected suffers from Use-after-free in njs_function_frame_alloc() when it try... Critical Unreviewed
CVE-2022-27007 was published Apr 15, 2022
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11,... Critical Unreviewed
CVE-2017-18017 was published Apr 30, 2022
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a use-after-free in WebCore:... Critical Unreviewed
CVE-2022-30294 was published May 7, 2022
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of... Critical Unreviewed
CVE-2017-2922 was published May 13, 2022
An exploitable use-after-free vulnerability exists in the HTTP server implementation of Cesanta... Critical Unreviewed
CVE-2017-2891 was published May 13, 2022
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This... Critical Unreviewed
CVE-2018-4878 was published May 13, 2022
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets... Critical Unreviewed
CVE-2018-18408 was published May 13, 2022
Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9... Critical Unreviewed
CVE-2016-0746 was published May 13, 2022
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free... Critical Unreviewed
CVE-2017-3071 was published May 13, 2022
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free... Critical Unreviewed
CVE-2017-3073 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database