Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,814
Erlang
36
GitHub Actions
32
Go
2,399
Maven
5,000+
npm
4,040
NuGet
722
pip
3,829
Pub
12
RubyGems
932
Rust
1,002
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

530 advisories

Loading
A use-after-free vulnerability can occur when manipulating elements, events, and selection ranges... Critical Unreviewed
CVE-2018-5128 was published May 14, 2022
A use-after-free error can occur when manipulating ranges in selections with one node inside a... Critical Unreviewed
CVE-2017-5404 was published May 14, 2022
A use-after-free can occur when events are fired for a "FontFace" object after the object has... Critical Unreviewed
CVE-2017-5402 was published May 14, 2022
A use-after-free vulnerability can occur while editing events in form elements on a page,... Critical Unreviewed
CVE-2018-5096 was published May 14, 2022
When adding a range to an object in the DOM, it is possible to use "addRange" to add the range to... Critical Unreviewed
CVE-2017-5403 was published May 14, 2022
A use-after-free vulnerability occurs during certain text input selection resulting in a... Critical Unreviewed
CVE-2017-5432 was published May 14, 2022
A use-after-free vulnerability occurs when redirecting focus handling which results in a... Critical Unreviewed
CVE-2017-5434 was published May 14, 2022
A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation... Critical Unreviewed
CVE-2017-5433 was published May 14, 2022
A use-after-free vulnerability during changes in style when manipulating DOM elements. This... Critical Unreviewed
CVE-2017-5442 was published May 14, 2022
A use-after-free vulnerability occurs during transaction processing in the editor during design... Critical Unreviewed
CVE-2017-5435 was published May 14, 2022
A use-after-free vulnerability during XSLT processing due to the result handler being held by a... Critical Unreviewed
CVE-2017-5438 was published May 14, 2022
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters... Critical Unreviewed
CVE-2017-5439 was published May 14, 2022
A use-after-free vulnerability during XSLT processing due to a failure to propagate error... Critical Unreviewed
CVE-2017-5440 was published May 14, 2022
A use-after-free vulnerability when holding a selection during scroll events. This results in a... Critical Unreviewed
CVE-2017-5441 was published May 14, 2022
An out-of-bounds read during the processing of glyph widths during text layout. This results in a... Critical Unreviewed
CVE-2017-5447 was published May 14, 2022
A use-after-free vulnerability in frame selection triggered by a combination of malicious script... Critical Unreviewed
CVE-2017-5460 was published May 14, 2022
A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while... Critical Unreviewed
CVE-2017-7757 was published May 14, 2022
A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP... Critical Unreviewed
CVE-2017-7756 was published May 14, 2022
A use-after-free vulnerability can occur in the compositor during certain graphics operations... Critical Unreviewed
CVE-2018-5148 was published May 14, 2022
A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF... Critical Unreviewed
CVE-2018-5091 was published May 14, 2022
A use-after-free vulnerability can occur in design mode when image objects are resized if objects... Critical Unreviewed
CVE-2017-7819 was published May 14, 2022
A use-after-free vulnerability can occur in the Fetch API when the worker or the associated... Critical Unreviewed
CVE-2017-7793 was published May 14, 2022
A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet... Critical Unreviewed
CVE-2017-7818 was published May 14, 2022
A use-after-free vulnerability exists in DOMProxyHandler::EnsureExpandoObject in Pale Moon before... Critical Unreviewed
CVE-2018-12292 was published May 14, 2022
** DISPUTED ** Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows... Critical Unreviewed
CVE-2018-13410 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database