GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
513 advisories
Filter by severity
Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability....
Critical
Unreviewed
CVE-2023-32174
was published
May 3, 2024
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1...
Critical
Unreviewed
CVE-2023-49606
was published
May 1, 2024
Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-21334
was published
Mar 12, 2024
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB...
Critical
Unreviewed
CVE-2024-22253
was published
Mar 5, 2024
Memory corruption while processing MBSSID beacon containing several subelement IE.
Critical
Unreviewed
CVE-2023-43552
was published
Mar 4, 2024
Inappropriate pointer order of laser_scan_filter_.reset() and tf_listener_.reset() (amcl_node.cpp...
Critical
Unreviewed
CVE-2024-25198
was published
Feb 20, 2024
In readLogs of StatsService.cpp, there is a possible memory corruption due to a use after free....
Critical
Unreviewed
CVE-2023-40115
was published
Feb 16, 2024
Jsish v3.5.0 (commit 42c694c) was discovered to contain a use-after-free via the SplitChar at ....
Critical
Unreviewed
CVE-2024-24189
was published
Feb 7, 2024
Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to...
Critical
Unreviewed
CVE-2024-1284
was published
Feb 7, 2024
Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector...
Critical
Unreviewed
CVE-2020-36773
was published
Feb 4, 2024
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2024-21326
was published
Jan 26, 2024
A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the...
Critical
Unreviewed
CVE-2023-37117
was published
Jan 12, 2024
A use-after-free issue was addressed with improved memory management. This issue is fixed in...
Critical
Unreviewed
CVE-2023-40414
was published
Jan 11, 2024
Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h...
Critical
Unreviewed
CVE-2024-22088
was published
Jan 5, 2024
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory...
Critical
Unreviewed
CVE-2023-46850
was published
Nov 11, 2023
During process shutdown, it was possible that an `ImageBitmap` was created that would later be...
Critical
Unreviewed
CVE-2023-5175
was published
Sep 27, 2023
A hashtable in the Ion Engine could have been mutated while there was a live interior reference,...
Critical
Unreviewed
CVE-2023-5172
was published
Sep 27, 2023
If Windows failed to duplicate a handle during process creation, the sandbox code may have...
Critical
Unreviewed
CVE-2023-5174
was published
Sep 27, 2023
A use-after-free vulnerability exists in the tif_parse_sub_IFD functionality of Accusoft...
Critical
Unreviewed
CVE-2023-39453
was published
Sep 25, 2023
dpic 2021.04.10 has a use-after-free in thedeletestringbox() function in dpic.y. A different...
Critical
Unreviewed
CVE-2021-33390
was published
Aug 22, 2023
A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote...
Critical
Unreviewed
CVE-2023-30186
was published
Aug 14, 2023
Use after free in WebRTC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who had...
Critical
Unreviewed
CVE-2022-4924
was published
Jul 29, 2023
A use-after-free issue was addressed with improved memory management. This issue is fixed in...
Critical
Unreviewed
CVE-2023-38598
was published
Jul 28, 2023
Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can...
Critical
Unreviewed
CVE-2021-32495
was published
Jul 7, 2023
Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this...
Critical
Unreviewed
CVE-2021-46894
was published
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API