Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

532 advisories

Loading
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were... Critical Unreviewed
CVE-2024-8384 was published Sep 3, 2024
Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some... Critical Unreviewed
CVE-2024-43491 was published Sep 10, 2024
A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when... Critical Unreviewed
CVE-2021-20204 was published May 24, 2022
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox... Critical Unreviewed
CVE-2016-5274 was published May 14, 2022
Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList... Critical Unreviewed
CVE-2016-5276 was published May 14, 2022
Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap... Critical Unreviewed
CVE-2016-5280 was published May 14, 2022
A use-after-free vulnerability occurs when redirecting focus handling which results in a... Critical Unreviewed
CVE-2017-5434 was published May 14, 2022
A use-after-free vulnerability occurs during transaction processing in the editor during design... Critical Unreviewed
CVE-2017-5435 was published May 14, 2022
A use-after-free vulnerability during changes in style when manipulating DOM elements. This... Critical Unreviewed
CVE-2017-5442 was published May 14, 2022
A use-after-free vulnerability when holding a selection during scroll events. This results in a... Critical Unreviewed
CVE-2017-5441 was published May 14, 2022
An out-of-bounds read during the processing of glyph widths during text layout. This results in a... Critical Unreviewed
CVE-2017-5447 was published May 14, 2022
Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0... Critical Unreviewed
CVE-2016-5277 was published May 14, 2022
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters... Critical Unreviewed
CVE-2017-5439 was published May 14, 2022
A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation... Critical Unreviewed
CVE-2017-5433 was published May 14, 2022
A use-after-free vulnerability occurs during certain text input selection resulting in a... Critical Unreviewed
CVE-2017-5432 was published May 14, 2022
Use-after-free while manipulating DOM events and removing audio elements due to errors in the... Critical Unreviewed
CVE-2016-9899 was published May 14, 2022
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox... Critical Unreviewed
CVE-2016-5281 was published May 14, 2022
A use-after-free vulnerability in frame selection triggered by a combination of malicious script... Critical Unreviewed
CVE-2017-5460 was published May 14, 2022
A use-after-free vulnerability during XSLT processing due to the result handler being held by a... Critical Unreviewed
CVE-2017-5438 was published May 14, 2022
A use-after-free vulnerability during XSLT processing due to a failure to propagate error... Critical Unreviewed
CVE-2017-5440 was published May 14, 2022
Use after free in WebRTC in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to... Critical Unreviewed
CVE-2024-10488 was published Oct 30, 2024
Microsoft Security Advisory CVE-2024-35264 | .NET Remote Code Execution Vulnerability Critical
CVE-2024-35264 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Jul 9, 2024
An attacker was able to achieve code execution in the content process by exploiting a use-after... Critical Unreviewed
CVE-2024-9680 was published Oct 9, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed
CVE-2024-38920 was published Dec 6, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed
CVE-2024-38923 was published Dec 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database