Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

505 advisories

Loading
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability... Critical Unreviewed
CVE-2017-11215 was published May 13, 2022
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This... Critical Unreviewed
CVE-2018-4877 was published May 13, 2022
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to... Critical Unreviewed
CVE-2019-5759 was published May 13, 2022
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before... Critical Unreviewed
CVE-2016-6981 was published May 13, 2022
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before... Critical Unreviewed
CVE-2016-6987 was published May 13, 2022
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free... Critical Unreviewed
CVE-2017-3073 was published May 13, 2022
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free... Critical Unreviewed
CVE-2017-3071 was published May 13, 2022
Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9... Critical Unreviewed
CVE-2016-0746 was published May 13, 2022
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets... Critical Unreviewed
CVE-2018-18408 was published May 13, 2022
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This... Critical Unreviewed
CVE-2018-4878 was published May 13, 2022
An exploitable use-after-free vulnerability exists in the HTTP server implementation of Cesanta... Critical Unreviewed
CVE-2017-2891 was published May 13, 2022
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of... Critical Unreviewed
CVE-2017-2922 was published May 13, 2022
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a use-after-free in WebCore:... Critical Unreviewed
CVE-2022-30294 was published May 7, 2022
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11,... Critical Unreviewed
CVE-2017-18017 was published Apr 30, 2022
nginx njs 0.7.2 is affected suffers from Use-after-free in njs_function_frame_alloc() when it try... Critical Unreviewed
CVE-2022-27007 was published Apr 15, 2022
Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker... Critical Unreviewed
CVE-2022-0452 was published Apr 6, 2022
Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who... Critical Unreviewed
CVE-2022-0790 was published Apr 6, 2022
Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2.... Critical Unreviewed
CVE-2022-1212 was published Apr 6, 2022
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. Critical Unreviewed
CVE-2022-1154 was published Mar 31, 2022
use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2. Critical Unreviewed
CVE-2022-1106 was published Mar 28, 2022
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS... Critical Unreviewed
CVE-2022-22641 was published Mar 19, 2022
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter... Critical Unreviewed
CVE-2021-21708 was published Feb 28, 2022
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. Critical Unreviewed
CVE-2022-0559 was published Feb 17, 2022
Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker... Critical Unreviewed
CVE-2022-0290 was published Feb 15, 2022
njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in... Critical Unreviewed
CVE-2022-25139 was published Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database