Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,368
Maven
5,000+
npm
3,988
NuGet
720
pip
3,779
Pub
12
RubyGems
926
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

530 advisories

Loading
aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free. Critical Unreviewed
CVE-2021-30474 was published May 24, 2022
The mq_notify function in the GNU C Library (aka glibc) through 2.33 has a use-after-free. It may... Critical Unreviewed
CVE-2021-33574 was published May 24, 2022
A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread... Critical Unreviewed
CVE-2020-36329 was published May 24, 2022
HTTP Protocol Stack Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-31166 was published May 24, 2022
Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common... Critical Unreviewed
CVE-2020-28018 was published May 24, 2022
A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when... Critical Unreviewed
CVE-2021-20204 was published May 24, 2022
Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker... Critical Unreviewed
CVE-2021-21201 was published May 24, 2022
Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who... Critical Unreviewed
CVE-2021-21226 was published May 24, 2022
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass... Critical Unreviewed
CVE-2021-22893 was published May 24, 2022
Use After Free vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM)... Critical Unreviewed
CVE-2021-27646 was published May 24, 2022
A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext... Critical Unreviewed
CVE-2021-20232 was published May 24, 2022
A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead... Critical Unreviewed
CVE-2021-20231 was published May 24, 2022
When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of... Critical Unreviewed
CVE-2020-1900 was published May 24, 2022
Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to... Critical Unreviewed
CVE-2021-21151 was published May 24, 2022
Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote... Critical Unreviewed
CVE-2021-21150 was published May 24, 2022
Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be... Critical Unreviewed
CVE-2020-11272 was published May 24, 2022
Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote... Critical Unreviewed
CVE-2021-21142 was published May 24, 2022
Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker... Critical Unreviewed
CVE-2021-21146 was published May 24, 2022
Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote... Critical Unreviewed
CVE-2021-21121 was published May 24, 2022
Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96... Critical Unreviewed
CVE-2021-21124 was published May 24, 2022
A use-after-free in the _zip_dirent_read function of zip_dirent.c in libzip 1.2.0 allows... Critical Unreviewed
CVE-2019-17582 was published May 24, 2022
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. The... Critical Unreviewed
CVE-2021-26689 was published May 24, 2022
Use after Free in Payments in Google Chrome on Android prior to 87.0.4280.66 allowed a remote... Critical Unreviewed
CVE-2020-16045 was published May 24, 2022
User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote... Critical Unreviewed
CVE-2021-21115 was published May 24, 2022
Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker... Critical Unreviewed
CVE-2021-21110 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database