Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

505 advisories

Loading
An attacker was able to achieve code execution in the content process by exploiting a use-after... Critical Unreviewed
CVE-2024-9680 was published Oct 9, 2024
Use after free in WebRTC in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to... Critical Unreviewed
CVE-2024-10488 was published Oct 30, 2024
A use-after-free vulnerability during XSLT processing due to the result handler being held by a... Critical Unreviewed
CVE-2017-5438 was published May 14, 2022
A use-after-free vulnerability in frame selection triggered by a combination of malicious script... Critical Unreviewed
CVE-2017-5460 was published May 14, 2022
A use-after-free vulnerability during XSLT processing due to a failure to propagate error... Critical Unreviewed
CVE-2017-5440 was published May 14, 2022
A use-after-free vulnerability occurs during certain text input selection resulting in a... Critical Unreviewed
CVE-2017-5432 was published May 14, 2022
Use-after-free while manipulating DOM events and removing audio elements due to errors in the... Critical Unreviewed
CVE-2016-9899 was published May 14, 2022
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox... Critical Unreviewed
CVE-2016-5281 was published May 14, 2022
Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0... Critical Unreviewed
CVE-2016-5277 was published May 14, 2022
A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation... Critical Unreviewed
CVE-2017-5433 was published May 14, 2022
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters... Critical Unreviewed
CVE-2017-5439 was published May 14, 2022
An out-of-bounds read during the processing of glyph widths during text layout. This results in a... Critical Unreviewed
CVE-2017-5447 was published May 14, 2022
A use-after-free vulnerability during changes in style when manipulating DOM elements. This... Critical Unreviewed
CVE-2017-5442 was published May 14, 2022
A use-after-free vulnerability when holding a selection during scroll events. This results in a... Critical Unreviewed
CVE-2017-5441 was published May 14, 2022
A use-after-free vulnerability occurs during transaction processing in the editor during design... Critical Unreviewed
CVE-2017-5435 was published May 14, 2022
A use-after-free vulnerability occurs when redirecting focus handling which results in a... Critical Unreviewed
CVE-2017-5434 was published May 14, 2022
Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap... Critical Unreviewed
CVE-2016-5280 was published May 14, 2022
Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList... Critical Unreviewed
CVE-2016-5276 was published May 14, 2022
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox... Critical Unreviewed
CVE-2016-5274 was published May 14, 2022
A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when... Critical Unreviewed
CVE-2021-20204 was published May 24, 2022
Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some... Critical Unreviewed
CVE-2024-43491 was published Sep 10, 2024
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were... Critical Unreviewed
CVE-2024-8384 was published Sep 3, 2024
Concurrent removals of certain anonymous shared memory mappings by using the UMTX_SHM_DESTROY sub... Critical Unreviewed
CVE-2024-43102 was published Sep 5, 2024
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB... Critical Unreviewed
CVE-2024-22253 was published Mar 5, 2024
Windows Network Virtualization Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-38159 was published Aug 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database