GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,286
Erlang
31
GitHub Actions
21
Go
2,058
Maven
5,000+
npm
3,742
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
88 advisories
Filter by severity
Use after free and double free in bitvec
Critical
CVE-2020-35862
was published
for
bitvec
(Rust)
Aug 25, 2021
A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling...
Critical
Unreviewed
CVE-2018-14054
was published
May 13, 2022
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
Critical
Unreviewed
CVE-2019-5481
was published
May 24, 2022
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
Critical
Unreviewed
CVE-2022-40515
was published
Mar 10, 2023
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules...
Critical
Unreviewed
CVE-2021-33304
was published
Feb 16, 2023
Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows...
Critical
Unreviewed
CVE-2017-12858
was published
May 17, 2022
There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability...
Critical
Unreviewed
CVE-2021-37120
was published
Jan 4, 2022
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows...
Critical
Unreviewed
CVE-2015-7700
was published
May 17, 2022
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd)...
Critical
Unreviewed
CVE-2016-6912
was published
May 17, 2022
Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the...
Critical
Unreviewed
CVE-2016-5768
was published
May 14, 2022
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
Critical
Unreviewed
CVE-2017-1000231
was published
May 14, 2022
Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by...
Critical
Unreviewed
CVE-2021-44732
was published
Dec 21, 2021
The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote...
Critical
Unreviewed
CVE-2018-7263
was published
May 14, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon...
Critical
Unreviewed
CVE-2018-3593
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and...
Critical
Unreviewed
CVE-2015-9165
was published
May 14, 2022
The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is...
Critical
Unreviewed
CVE-2017-16820
was published
May 14, 2022
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26...
Critical
Unreviewed
CVE-2017-5334
was published
May 14, 2022
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic...
Critical
Unreviewed
CVE-2017-18201
was published
May 14, 2022
The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing...
Critical
Unreviewed
CVE-2016-8618
was published
May 14, 2022
In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free....
Critical
Unreviewed
CVE-2018-9356
was published
May 14, 2022
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c...
Critical
Unreviewed
CVE-2017-18174
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API