GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,948
Erlang
29
GitHub Actions
16
Go
1,738
Maven
4,965
npm
3,504
NuGet
607
pip
3,064
Pub
10
RubyGems
832
Rust
779
Swift
34
Unreviewed advisories
All unreviewed
5,000+
505 advisories
Filter by severity
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-30080
was published
Jun 11, 2024
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who...
Critical
Unreviewed
CVE-2024-4671
was published
May 14, 2024
Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability....
Critical
Unreviewed
CVE-2023-32174
was published
May 3, 2024
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1...
Critical
Unreviewed
CVE-2023-49606
was published
May 1, 2024
Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-21334
was published
Mar 12, 2024
Memory corruption while processing MBSSID beacon containing several subelement IE.
Critical
Unreviewed
CVE-2023-43552
was published
Mar 4, 2024
Jsish v3.5.0 (commit 42c694c) was discovered to contain a use-after-free via the SplitChar at ....
Critical
Unreviewed
CVE-2024-24189
was published
Feb 7, 2024
Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to...
Critical
Unreviewed
CVE-2024-1284
was published
Feb 7, 2024
Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector...
Critical
Unreviewed
CVE-2020-36773
was published
Feb 4, 2024
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2024-21326
was published
Jan 26, 2024
A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the...
Critical
Unreviewed
CVE-2023-37117
was published
Jan 12, 2024
A use-after-free issue was addressed with improved memory management. This issue is fixed in...
Critical
Unreviewed
CVE-2023-40414
was published
Jan 11, 2024
Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h...
Critical
Unreviewed
CVE-2024-22088
was published
Jan 5, 2024
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory...
Critical
Unreviewed
CVE-2023-46850
was published
Nov 11, 2023
During process shutdown, it was possible that an `ImageBitmap` was created that would later be...
Critical
Unreviewed
CVE-2023-5175
was published
Sep 27, 2023
A hashtable in the Ion Engine could have been mutated while there was a live interior reference,...
Critical
Unreviewed
CVE-2023-5172
was published
Sep 27, 2023
If Windows failed to duplicate a handle during process creation, the sandbox code may have...
Critical
Unreviewed
CVE-2023-5174
was published
Sep 27, 2023
A use-after-free vulnerability exists in the tif_parse_sub_IFD functionality of Accusoft...
Critical
Unreviewed
CVE-2023-39453
was published
Sep 25, 2023
dpic 2021.04.10 has a use-after-free in thedeletestringbox() function in dpic.y. A different...
Critical
Unreviewed
CVE-2021-33390
was published
Aug 22, 2023
A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote...
Critical
Unreviewed
CVE-2023-30186
was published
Aug 14, 2023
Use after free in WebRTC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who had...
Critical
Unreviewed
CVE-2022-4924
was published
Jul 29, 2023
A use-after-free issue was addressed with improved memory management. This issue is fixed in...
Critical
Unreviewed
CVE-2023-38598
was published
Jul 28, 2023
Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can...
Critical
Unreviewed
CVE-2021-32495
was published
Jul 7, 2023
Withdrawn: Use after free in SciPy
Critical
CVE-2023-29824
was published
for
scipy
(pip)
Jul 6, 2023
•
withdrawn
Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this...
Critical
Unreviewed
CVE-2021-46894
was published
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API