Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,291
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,743
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

532 advisories

Loading
A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom... Critical Unreviewed
CVE-2018-18500 was published May 14, 2022
There is an invalid free in MiniPS::delete0 in minips.cpp that leads to a Segmentation fault in... Critical Unreviewed
CVE-2018-7551 was published May 14, 2022
exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a... Critical Unreviewed
CVE-2018-12882 was published May 14, 2022
A use-after-free vulnerability can occur while enumerating attributes during SVG animations with... Critical Unreviewed
CVE-2018-5154 was published May 14, 2022
A use-after-free vulnerability can occur while adjusting layout during SVG animations with text... Critical Unreviewed
CVE-2018-5155 was published May 14, 2022
A use-after-free vulnerability can occur after deleting a selection element due to a weak... Critical Unreviewed
CVE-2018-18492 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10... Critical Unreviewed
CVE-2017-2513 was published May 14, 2022
There is an invalid free in ReadImage in input-bmp.ci that leads to a Segmentation fault in sam2p... Critical Unreviewed
CVE-2018-7554 was published May 14, 2022
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free... Critical Unreviewed
CVE-2018-7053 was published May 14, 2022
Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. Critical Unreviewed
CVE-2019-5882 was published May 14, 2022
Early free of object in use in IndexDB in Google Chrome prior to 67.0.3396.62 allowed a remote... Critical Unreviewed
CVE-2018-6127 was published May 14, 2022
Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free... Critical Unreviewed
CVE-2018-15982 was published May 14, 2022
In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible use-after-free due to improper... Critical Unreviewed
CVE-2018-9476 was published May 14, 2022
A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by... Critical Unreviewed
CVE-2018-12378 was published May 14, 2022
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some... Critical Unreviewed
CVE-2018-12377 was published May 14, 2022
Adobe Digital Editions versions 4.5.8 and below have an use after free vulnerability. Successful... Critical Unreviewed
CVE-2018-12822 was published May 14, 2022
Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause... Critical Unreviewed
CVE-2018-17607 was published May 14, 2022
Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause... Critical Unreviewed
CVE-2018-17610 was published May 14, 2022
Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause... Critical Unreviewed
CVE-2018-17608 was published May 14, 2022
Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause... Critical Unreviewed
CVE-2018-17609 was published May 14, 2022
Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause... Critical Unreviewed
CVE-2018-17611 was published May 14, 2022
Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in... Critical Unreviewed
CVE-2018-1000217 was published May 14, 2022
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox... Critical Unreviewed
CVE-2016-5281 was published May 14, 2022
Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap... Critical Unreviewed
CVE-2016-5280 was published May 14, 2022
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute... Critical Unreviewed
CVE-2017-14746 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database