GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
788 advisories
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows...
Moderate | Unreviewed | CVE-2021-44964 was published Mar 15, 2022

GPAC 1.0.1 is affected by Use After Free through MP4Box.
Moderate | Unreviewed | CVE-2022-24576 was published Mar 15, 2022

In TBD of TBD, there is a possible use after free vulnerability due to a race condition. This...
Moderate | Unreviewed | CVE-2021-39712 was published Mar 17, 2022

In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in...
Moderate | Unreviewed | CVE-2021-45868 was published Mar 19, 2022

A use-after-free flaw was found in the add_partition in block/partitions/core.c in the Linux...
Moderate | Unreviewed | CVE-2021-4150 was published Mar 24, 2022

lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the...
Moderate | Unreviewed | CVE-2022-26291 was published Mar 30, 2022

heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is...
Moderate | Unreviewed | CVE-2022-1284 was published Apr 9, 2022

Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a...
Moderate | Unreviewed | CVE-2022-40960 was published Dec 22, 2022

When transitioning in and out of fullscreen mode, a graphics object was not correctly protected;...
Moderate | Unreviewed | CVE-2021-4128 was published Dec 22, 2022

A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results'...
Moderate | Unreviewed | CVE-2020-10700 was published May 24, 2022

In mdp, there is a possible memory corruption due to a use after free. This could lead to local...
Moderate | Unreviewed | CVE-2022-20052 was published Apr 12, 2022

In ion_ioctl of ion-ioctl.c, there is a possible way to leak kernel head data due to a use after...
Moderate | Unreviewed | CVE-2021-39800 was published Apr 13, 2022

A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the...
Moderate | Unreviewed | CVE-2022-1280 was published Apr 14, 2022

heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This vulnerability is...
Moderate | Unreviewed | CVE-2022-1444 was published Apr 25, 2022

A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw...
Moderate | Unreviewed | CVE-2022-1195 was published Apr 30, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2019-6766 was published May 24, 2022

A heap use-after-free vulnerability was found in systemd before version v245-rc1, where...
Moderate | Unreviewed | CVE-2020-1712 was published May 24, 2022

A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex...
Moderate | Unreviewed | CVE-2020-16303 was published May 24, 2022

In PHP versions 7.2.x below 7.3.21, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing...
Moderate | Unreviewed | CVE-2020-7068 was published May 24, 2022

In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling...
Moderate | Unreviewed | CVE-2019-10082 was published May 24, 2022

Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use...
Moderate | Unreviewed | CVE-2022-38428 was published Sep 17, 2022

A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU...
Moderate | Unreviewed | CVE-2020-35506 was published May 24, 2022

A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free...
Moderate | Unreviewed | CVE-2021-1958 was published May 24, 2022

In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after...
Moderate | Unreviewed | CVE-2016-9373 was published May 17, 2022

Temporary disruption of the ADM license service. The impact of this includes preventing new...
Moderate | Unreviewed | CVE-2022-27512 was published Jun 17, 2022
Advisories are also available from the GraphQL API.