Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,783
Erlang
36
GitHub Actions
29
Go
2,353
Maven
5,000+
npm
3,977
NuGet
720
pip
3,774
Pub
12
RubyGems
923
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

530 advisories

Loading
An arbitrary file upload vulnerability in the camera_upload.php component of PMB v7.4.6 allows... Critical Unreviewed
CVE-2023-24734 was published Mar 6, 2023
A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK... Critical Unreviewed
CVE-2023-25362 was published Mar 2, 2023
A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in... Critical Unreviewed
CVE-2023-25363 was published Mar 2, 2023
A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8... Critical Unreviewed
CVE-2023-25361 was published Mar 2, 2023
A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8... Critical Unreviewed
CVE-2023-25358 was published Mar 2, 2023
A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8... Critical Unreviewed
CVE-2023-25360 was published Mar 2, 2023
An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option... Critical Unreviewed
CVE-2021-33391 was published Feb 17, 2023
When processing files, malloc stores the data of the current line. When processing comments,... Critical Unreviewed
CVE-2021-33641 was published Jan 20, 2023
An issue was discovered in ksmbd in the Linux kernel before 5.19.2. fs/ksmbd/smb2pdu.c has a use... Critical Unreviewed
CVE-2022-47939 was published Dec 23, 2022
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable... Critical Unreviewed
CVE-2022-26486 was published Dec 22, 2022
Session history navigations may have led to a use-after-free and potentially exploitable crash.... Critical Unreviewed
CVE-2022-34470 was published Dec 22, 2022
If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may... Critical Unreviewed
CVE-2022-45406 was published Dec 22, 2022
A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This... Critical Unreviewed
CVE-2022-46882 was published Dec 22, 2022
After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is... Critical Unreviewed
CVE-2021-33640 was published Dec 19, 2022
drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request. Critical Unreviewed
CVE-2022-45474 was published Nov 18, 2022
Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory... Critical Unreviewed
CVE-2022-43286 was published Oct 29, 2022
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the... Critical Unreviewed
CVE-2022-3649 was published Oct 22, 2022
A vulnerability was found in Exim and classified as problematic. This issue affects the function... Critical Unreviewed
CVE-2022-3620 was published Oct 21, 2022
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This... Critical Unreviewed
CVE-2022-0699 was published Oct 17, 2022
The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this... Critical Unreviewed
CVE-2022-38983 was published Oct 14, 2022
SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function... Critical Unreviewed
CVE-2022-40009 was published Sep 21, 2022
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. Critical Unreviewed
CVE-2022-40674 was published Sep 15, 2022
A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io()... Critical Unreviewed
CVE-2022-2526 was published Sep 10, 2022
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190... Critical Unreviewed
CVE-2022-2738 was published Sep 2, 2022
The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes... Critical Unreviewed
CVE-2021-39815 was published Aug 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database