Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,948
Erlang
29
GitHub Actions
16
Go
1,738
Maven
4,965
npm
3,504
NuGet
607
pip
3,064
Pub
10
RubyGems
832
Rust
779
Swift
34
Unreviewed advisories
All unreviewed
5,000+

505 advisories

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-30080 was published Jun 11, 2024
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who... Critical Unreviewed
CVE-2024-4671 was published May 14, 2024
Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2023-32174 was published May 3, 2024
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1... Critical Unreviewed
CVE-2023-49606 was published May 1, 2024
Open Management Infrastructure (OMI) Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-21334 was published Mar 12, 2024
Memory corruption while processing MBSSID beacon containing several subelement IE. Critical Unreviewed
CVE-2023-43552 was published Mar 4, 2024
Jsish v3.5.0 (commit 42c694c) was discovered to contain a use-after-free via the SplitChar at .... Critical Unreviewed
CVE-2024-24189 was published Feb 7, 2024
Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to... Critical Unreviewed
CVE-2024-1284 was published Feb 7, 2024
Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector... Critical Unreviewed
CVE-2020-36773 was published Feb 4, 2024
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-21326 was published Jan 26, 2024
A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the... Critical Unreviewed
CVE-2023-37117 was published Jan 12, 2024
A use-after-free issue was addressed with improved memory management. This issue is fixed in... Critical Unreviewed
CVE-2023-40414 was published Jan 11, 2024
Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h... Critical Unreviewed
CVE-2024-22088 was published Jan 5, 2024
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory... Critical Unreviewed
CVE-2023-46850 was published Nov 11, 2023
During process shutdown, it was possible that an `ImageBitmap` was created that would later be... Critical Unreviewed
CVE-2023-5175 was published Sep 27, 2023
A hashtable in the Ion Engine could have been mutated while there was a live interior reference,... Critical Unreviewed
CVE-2023-5172 was published Sep 27, 2023
If Windows failed to duplicate a handle during process creation, the sandbox code may have... Critical Unreviewed
CVE-2023-5174 was published Sep 27, 2023
A use-after-free vulnerability exists in the tif_parse_sub_IFD functionality of Accusoft... Critical Unreviewed
CVE-2023-39453 was published Sep 25, 2023
dpic 2021.04.10 has a use-after-free in thedeletestringbox() function in dpic.y. A different... Critical Unreviewed
CVE-2021-33390 was published Aug 22, 2023
A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote... Critical Unreviewed
CVE-2023-30186 was published Aug 14, 2023
Use after free in WebRTC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who had... Critical Unreviewed
CVE-2022-4924 was published Jul 29, 2023
A use-after-free issue was addressed with improved memory management. This issue is fixed in... Critical Unreviewed
CVE-2023-38598 was published Jul 28, 2023
Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can... Critical Unreviewed
CVE-2021-32495 was published Jul 7, 2023
Withdrawn: Use after free in SciPy Critical
CVE-2023-29824 was published for scipy (pip) Jul 6, 2023 withdrawn
vin01
Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this... Critical Unreviewed
CVE-2021-46894 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API