Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

539 advisories

Loading
An attacker could have caused a use-after-free via the Custom Highlight API, leading to a... Critical Unreviewed
CVE-2025-1010 was published Feb 4, 2025
An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially... Critical Unreviewed
CVE-2025-1009 was published Feb 4, 2025
A race during concurrent delazification could have led to a use-after-free. This vulnerability... Critical Unreviewed
CVE-2025-1012 was published Feb 4, 2025
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass... Critical Unreviewed
CVE-2021-22893 was published May 24, 2022
Software installed and run as a non-privileged user may conduct improper GPU system calls to... Critical Unreviewed
CVE-2024-47891 was published Jan 31, 2025
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401... Critical Unreviewed
CVE-2020-3992 was published May 24, 2022
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable... Critical Unreviewed
CVE-2022-26486 was published Dec 22, 2022
Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free... Critical Unreviewed
CVE-2018-15982 was published May 14, 2022
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This... Critical Unreviewed
CVE-2018-4878 was published May 13, 2022
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20... Critical Unreviewed
CVE-2016-0984 was published May 17, 2022
A use-after-free vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project... Critical Unreviewed
CVE-2024-23310 was published Feb 20, 2024
Use after free vulnerability in file transfer protocol component in Synology DiskStation Manager ... Critical Unreviewed
CVE-2021-27649 was published May 24, 2022
Use After Free vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM)... Critical Unreviewed
CVE-2021-27646 was published May 24, 2022
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability Critical Unreviewed
CVE-2025-21307 was published Jan 14, 2025
Windows OLE Remote Code Execution Vulnerability Critical Unreviewed
CVE-2025-21298 was published Jan 14, 2025
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11,... Critical Unreviewed
CVE-2017-18017 was published Apr 30, 2022
There is a possible UAF due to a logic error in the code. This could lead to local escalation of... Critical Unreviewed
CVE-2024-47040 was published Dec 18, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed
CVE-2024-38924 was published Dec 7, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed
CVE-2024-38926 was published Dec 7, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed
CVE-2024-38921 was published Dec 7, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed
CVE-2024-38927 was published Dec 7, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed
CVE-2024-38925 was published Dec 7, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed
CVE-2024-38923 was published Dec 7, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed
CVE-2024-38920 was published Dec 6, 2024
An attacker was able to achieve code execution in the content process by exploiting a use-after... Critical Unreviewed
CVE-2024-9680 was published Oct 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database