GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
77 advisories
Filter by severity
A vulnerability was found in libssh, where an uninitialized variable exists under certain...
Low
Unreviewed
CVE-2025-4878
was published
Jul 22, 2025
PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2025-6646
was published
Jun 26, 2025
There is a "Use After Free" vulnerability in Qt's QHttp2ProtocolHandler in the QtNetwork module....
Low
Unreviewed
CVE-2025-5991
was published
Jun 11, 2025
A use-after-free issue was addressed with improved memory management. This issue is fixed in...
Low
Unreviewed
CVE-2025-31239
was published
May 13, 2025
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This...
Low
Unreviewed
CVE-2025-3416
was published
Apr 8, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low
Unreviewed
CVE-2025-20081
was published
Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low
Unreviewed
CVE-2025-20091
was published
Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low
Unreviewed
CVE-2025-20626
was published
Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low
Unreviewed
CVE-2025-23409
was published
Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low
Unreviewed
CVE-2025-23414
was published
Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low
Unreviewed
CVE-2025-24301
was published
Mar 4, 2025
Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Information Disclosure...
Low
Unreviewed
CVE-2024-12548
was published
Feb 11, 2025
In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from...
Low
Unreviewed
CVE-2024-42331
was published
Nov 27, 2024
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-9251
was published
Nov 23, 2024
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability...
Low
Unreviewed
CVE-2024-9252
was published
Nov 23, 2024
PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-8821
was published
Nov 22, 2024
PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-8816
was published
Nov 22, 2024
An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in...
Low
Unreviewed
CVE-2024-30808
was published
Apr 2, 2024
NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line...
Low
Unreviewed
CVE-2024-0124
was published
Oct 3, 2024
Foxit PDF Reader Doc Object Use-After-Free Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-7722
was published
Aug 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
spmi: mediatek: Fix UAF on...
Low
Unreviewed
CVE-2023-52584
was published
Mar 6, 2024
Use After Free vulnerability in Silicon Labs Bluetooth SDK on 32 bit, ARM may allow an attacker...
Low
Unreviewed
CVE-2023-41093
was published
Jul 12, 2024
QuickJS before 7414e5f has a quickjs.h JS_FreeValueRT use-after-free because of incorrect garbage...
Low
Unreviewed
CVE-2023-48184
was published
Apr 23, 2024
Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to...
Low
Unreviewed
CVE-2024-3515
was published
Apr 10, 2024
Use after free issue in editcap could cause denial of service via crafted capture file
Low
Unreviewed
CVE-2024-4855
was published
May 14, 2024
ProTip!
Advisories are also available from the
GraphQL API