GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
517 advisories
Software installed and run as a non-privileged user may conduct improper GPU system calls to...
Critical | Unreviewed | CVE-2024-47891 was published Jan 31, 2025

OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401...
Critical | Unreviewed | CVE-2020-3992 was published May 24, 2022

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable...
Critical | Unreviewed | CVE-2022-26486 was published Dec 22, 2022

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free...
Critical | Unreviewed | CVE-2018-15982 was published May 14, 2022

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This...
Critical | Unreviewed | CVE-2018-4878 was published May 13, 2022

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20...
Critical | Unreviewed | CVE-2016-0984 was published May 17, 2022

A use-after-free vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project...
Critical | Unreviewed | CVE-2024-23310 was published Feb 20, 2024

Use after free vulnerability in file transfer protocol component in Synology DiskStation Manager ...
Critical | Unreviewed | CVE-2021-27649 was published May 24, 2022

Use After Free vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM)...
Critical | Unreviewed | CVE-2021-27646 was published May 24, 2022

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
Critical | Unreviewed | CVE-2025-21307 was published Jan 14, 2025

Windows OLE Remote Code Execution Vulnerability
Critical | Unreviewed | CVE-2025-21298 was published Jan 14, 2025

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11,...
Critical | Unreviewed | CVE-2017-18017 was published Apr 30, 2022

There is a possible UAF due to a logic error in the code. This could lead to local escalation of...
Critical | Unreviewed | CVE-2024-47040 was published Dec 18, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical | Unreviewed | CVE-2024-38921 was published Dec 7, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical | Unreviewed | CVE-2024-38926 was published Dec 7, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical | Unreviewed | CVE-2024-38924 was published Dec 7, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical | Unreviewed | CVE-2024-38927 was published Dec 7, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical | Unreviewed | CVE-2024-38925 was published Dec 7, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical | Unreviewed | CVE-2024-38923 was published Dec 7, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical | Unreviewed | CVE-2024-38920 was published Dec 6, 2024

An attacker was able to achieve code execution in the content process by exploiting a use-after...
Critical | Unreviewed | CVE-2024-9680 was published Oct 9, 2024

Use after free in WebRTC in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to...
Critical | Unreviewed | CVE-2024-10488 was published Oct 30, 2024

A use-after-free vulnerability during XSLT processing due to a failure to propagate error...
Critical | Unreviewed | CVE-2017-5440 was published May 14, 2022

A use-after-free vulnerability in frame selection triggered by a combination of malicious script...
Critical | Unreviewed | CVE-2017-5460 was published May 14, 2022

A use-after-free vulnerability during XSLT processing due to the result handler being held by a...
Critical | Unreviewed | CVE-2017-5438 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.