Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,950
Erlang
39
GitHub Actions
38
Go
2,603
Maven
5,000+
npm
4,250
NuGet
755
pip
4,013
Pub
12
RubyGems
953
Rust
1,048
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

541 advisories

Loading
An attacker was able to achieve code execution in the content process by exploiting a use-after... Critical Unreviewed
CVE-2024-9680 was published Oct 9, 2024
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who... Critical Unreviewed
CVE-2024-4671 was published May 14, 2024
Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who... Critical Unreviewed
CVE-2021-37973 was published May 24, 2022
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass... Critical Unreviewed
CVE-2021-22893 was published May 24, 2022
A remote code execution vulnerability exists in Remote Desktop Services formerly known as... Critical Unreviewed
CVE-2019-0708 was published May 24, 2022
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable... Critical Unreviewed
CVE-2022-26486 was published Dec 22, 2022
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This... Critical Unreviewed
CVE-2018-4878 was published May 13, 2022
Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker... Critical Unreviewed
CVE-2021-30633 was published May 24, 2022
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable... Critical Unreviewed
CVE-2016-7892 was published May 14, 2022
Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier)... Critical Unreviewed
CVE-2021-28550 was published May 24, 2022
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20... Critical Unreviewed
CVE-2016-0984 was published May 17, 2022
HTTP Protocol Stack Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-31166 was published May 24, 2022
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401... Critical Unreviewed
CVE-2020-3992 was published May 24, 2022
Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free... Critical Unreviewed
CVE-2018-15982 was published May 14, 2022
Use-after-free in MediaTrackGraphImpl::GetInstance() This vulnerability affects Firefox < 144,... Critical Unreviewed
CVE-2025-11708 was published Oct 14, 2025
Starting in Firefox 143, the use of the native messaging API by web extensions on Windows could... Critical Unreviewed
CVE-2025-11719 was published Oct 14, 2025
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate... Critical Unreviewed
CVE-2025-49708 was published Oct 14, 2025
The module will parse a <pattern> node which is not a child of a structural node. The node will... Critical Unreviewed
CVE-2025-10729 was published Oct 3, 2025
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-30080 was published Jun 11, 2024
OpenSynergy BlueSDK (aka Blue SDK) through 6.x has a Use-After-Free. The specific flaw exists... Critical Unreviewed
CVE-2024-45434 was published Sep 12, 2025
A use-after-free vulnerability exists in the coap_delete_pdu_lkd function within coap_pdu.c of... Critical Unreviewed
CVE-2025-50518 was published Aug 14, 2025
In process_service_search_attr_req of sdp_server.cc, there is a possible way to execute arbitrary... Critical Unreviewed
CVE-2025-0075 was published Aug 27, 2025
In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a... Critical Unreviewed
CVE-2025-22408 was published Aug 27, 2025
In sdp_snd_service_search_req of sdp_discovery.cc, there is a possible way to execute arbitrary... Critical Unreviewed
CVE-2025-22403 was published Aug 27, 2025
In process_service_attr_rsp of sdp_discovery.cc, there is a possible way to execute arbitrary... Critical Unreviewed
CVE-2025-0074 was published Aug 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database