GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
513 advisories
Filter by severity
There is a possible UAF due to a logic error in the code. This could lead to local escalation of...
Critical
Unreviewed
CVE-2024-47040
was published
Dec 18, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical
Unreviewed
CVE-2024-38921
was published
Dec 7, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical
Unreviewed
CVE-2024-38923
was published
Dec 7, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical
Unreviewed
CVE-2024-38925
was published
Dec 7, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical
Unreviewed
CVE-2024-38924
was published
Dec 7, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical
Unreviewed
CVE-2024-38927
was published
Dec 7, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical
Unreviewed
CVE-2024-38926
was published
Dec 7, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical
Unreviewed
CVE-2024-38920
was published
Dec 6, 2024
Use after free in WebRTC in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to...
Critical
Unreviewed
CVE-2024-10488
was published
Oct 30, 2024
An attacker was able to achieve code execution in the content process by exploiting a use-after...
Critical
Unreviewed
CVE-2024-9680
was published
Oct 9, 2024
Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some...
Critical
Unreviewed
CVE-2024-43491
was published
Sep 10, 2024
Concurrent removals of certain anonymous shared memory mappings by using the UMTX_SHM_DESTROY sub...
Critical
Unreviewed
CVE-2024-43102
was published
Sep 5, 2024
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were...
Critical
Unreviewed
CVE-2024-8384
was published
Sep 3, 2024
Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-38199
was published
Aug 13, 2024
Windows Network Virtualization Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-38159
was published
Aug 13, 2024
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-38140
was published
Aug 13, 2024
Incorrect garbage collection interaction could have led to a use-after-free. This vulnerability...
Critical
Unreviewed
CVE-2024-7530
was published
Aug 6, 2024
Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This...
Critical
Unreviewed
CVE-2024-7528
was published
Aug 6, 2024
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS...
Critical
Unreviewed
CVE-2024-40782
was published
Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: fix invalid...
Critical
Unreviewed
CVE-2024-38612
was published
Jun 19, 2024
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-30080
was published
Jun 11, 2024
In the Linux kernel, the following vulnerability has been resolved:
nvme-rdma: destroy cm id...
Critical
Unreviewed
CVE-2021-47378
was published
May 21, 2024
Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to...
Critical
Unreviewed
CVE-2024-4949
was published
May 15, 2024
Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after...
Critical
Unreviewed
CVE-2024-4764
was published
May 14, 2024
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who...
Critical
Unreviewed
CVE-2024-4671
was published
May 14, 2024
ProTip!
Advisories are also available from the
GraphQL API