Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

543 advisories

Loading
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a use-after-free in WebCore:... Critical Unreviewed
CVE-2022-30294 was published May 7, 2022
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11,... Critical Unreviewed
CVE-2017-18017 was published Apr 30, 2022
nginx njs 0.7.2 is affected suffers from Use-after-free in njs_function_frame_alloc() when it try... Critical Unreviewed
CVE-2022-27007 was published Apr 15, 2022
Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker... Critical Unreviewed
CVE-2022-0452 was published Apr 6, 2022
Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who... Critical Unreviewed
CVE-2022-0790 was published Apr 6, 2022
Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2.... Critical Unreviewed
CVE-2022-1212 was published Apr 6, 2022
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. Critical Unreviewed
CVE-2022-1154 was published Mar 31, 2022
use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2. Critical Unreviewed
CVE-2022-1106 was published Mar 28, 2022
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS... Critical Unreviewed
CVE-2022-22641 was published Mar 19, 2022
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter... Critical Unreviewed
CVE-2021-21708 was published Feb 28, 2022
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. Critical Unreviewed
CVE-2022-0559 was published Feb 17, 2022
Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker... Critical Unreviewed
CVE-2022-0290 was published Feb 15, 2022
njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in... Critical Unreviewed
CVE-2022-25139 was published Feb 15, 2022
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0. Critical Unreviewed
CVE-2022-0139 was published Feb 9, 2022
Use After Free in Conda vim prior to 8.2. Critical Unreviewed
CVE-2022-0443 was published Feb 8, 2022
When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use... Critical Unreviewed
CVE-2021-38504 was published Dec 9, 2021
Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker... Critical Unreviewed
CVE-2021-38002 was published Nov 24, 2021
Use After Free in node.js Critical Unreviewed
CVE-2021-22930 was published Oct 8, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database