GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

77 advisories

A vulnerability was found in libssh, where an uninitialized variable exists under certain...
Low | Unreviewed | CVE-2025-4878 was published Jul 22, 2025

PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This...
Low | Unreviewed | CVE-2025-6646 was published Jun 26, 2025

There is a "Use After Free" vulnerability in Qt's QHttp2ProtocolHandler in the QtNetwork module....
Low | Unreviewed | CVE-2025-5991 was published Jun 11, 2025

A use-after-free issue was addressed with improved memory management. This issue is fixed in...
Low | Unreviewed | CVE-2025-31239 was published May 13, 2025

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This...
Low | Unreviewed | CVE-2025-3416 was published Apr 8, 2025

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low | Unreviewed | CVE-2025-23409 was published Mar 4, 2025

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low | Unreviewed | CVE-2025-20081 was published Mar 4, 2025

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low | Unreviewed | CVE-2025-23414 was published Mar 4, 2025

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low | Unreviewed | CVE-2025-24301 was published Mar 4, 2025

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low | Unreviewed | CVE-2025-20626 was published Mar 4, 2025

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low | Unreviewed | CVE-2025-20091 was published Mar 4, 2025

Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Information Disclosure...
Low | Unreviewed | CVE-2024-12548 was published Feb 11, 2025

In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from...
Low | Unreviewed | CVE-2024-42331 was published Nov 27, 2024

Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability...
Low | Unreviewed | CVE-2024-9252 was published Nov 23, 2024

Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This...
Low | Unreviewed | CVE-2024-9251 was published Nov 23, 2024

PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This...
Low | Unreviewed | CVE-2024-8816 was published Nov 22, 2024

PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This...
Low | Unreviewed | CVE-2024-8821 was published Nov 22, 2024

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in...
Low | Unreviewed | CVE-2024-30808 was published Apr 2, 2024

NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line...
Low | Unreviewed | CVE-2024-0124 was published Oct 3, 2024

Foxit PDF Reader Doc Object Use-After-Free Information Disclosure Vulnerability. This...
Low | Unreviewed | CVE-2024-7722 was published Aug 21, 2024

In the Linux kernel, the following vulnerability has been resolved: spmi: mediatek: Fix UAF on...
Low | Unreviewed | CVE-2023-52584 was published Mar 6, 2024

Use After Free vulnerability in Silicon Labs Bluetooth SDK on 32 bit, ARM may allow an attacker...
Low | Unreviewed | CVE-2023-41093 was published Jul 12, 2024

QuickJS before 7414e5f has a quickjs.h JS_FreeValueRT use-after-free because of incorrect garbage...
Low | Unreviewed | CVE-2023-48184 was published Apr 23, 2024

Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to...
Low | Unreviewed | CVE-2024-3515 was published Apr 10, 2024

Use after free issue in editcap could cause denial of service via crafted capture file
Low | Unreviewed | CVE-2024-4855 was published May 14, 2024

ProTip! Advisories are also available from the GraphQL API