Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,854 advisories

Loading
PyOpenSSL Use-After-Free vulnerability High
CVE-2018-1000807 was published for pyopenssl (pip) Oct 10, 2018
tdunlap607
Use after free in CefSharp High
CVE-2020-16017 was published for CefSharp.Common (NuGet) Nov 27, 2020
Reflected Cross-site Scripting in ACS Commons High
CVE-2021-21028 was published for com.adobe.acs:acs-aem-commons (Maven) Feb 2, 2021
GPGME Go wrapper contains Use After Free High
CVE-2020-8945 was published for github.com/proglottis/gpgme (Go) May 18, 2021
Use after free in boosted trees creation High
CVE-2021-37652 was published for tensorflow (pip) Aug 25, 2021
Use after free in string-interner High
CVE-2019-16882 was published for string-interner (Rust) Aug 25, 2021
tdunlap607
Use-after-free in actix-http High
CVE-2020-35901 was published for actix-http (Rust) Aug 25, 2021
Use after free in Rocket High
CVE-2021-29935 was published for rocket (Rust) Aug 25, 2021
tdunlap607
Use after free in heapless High
CVE-2020-36464 was published for heapless (Rust) Aug 25, 2021
Use after free in generic-array High
CVE-2020-36465 was published for generic-array (Rust) Aug 25, 2021
Use after free in libpulse-binding High
GHSA-ghpq-vjxw-ch5w was published for libpulse-binding (Rust) Aug 25, 2021
Use after free / memory leak in `CollectiveReduceV2` High
CVE-2021-41220 was published for tensorflow (pip) Nov 10, 2021
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution... High Unreviewed
CVE-2021-42385 was published Nov 17, 2021
Adobe Animate version 21.0.9 (and earlier) are affected by a use-after-free vulnerability in the... High Unreviewed
CVE-2021-42269 was published Nov 19, 2021
In apusys, there is a possible memory corruption due to a use after free. This could lead to... High Unreviewed
CVE-2021-0670 was published Nov 19, 2021
In mdlactl driver, there is a possible memory corruption due to a use after free. This could lead... High Unreviewed
CVE-2021-0629 was published Nov 19, 2021
vim is vulnerable to Use After Free High Unreviewed
CVE-2021-3974 was published Nov 20, 2021
Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who... High Unreviewed
CVE-2021-37997 was published Nov 24, 2021
Use After Free in lucet High
CVE-2021-43790 was published for lucet-runtime (Rust) Nov 30, 2021
iximeow acfoltzer
cratelyn aturon alexcrichton aggarwaa
A use-after-free vulnerability exists when reading a DWF/DWFX file using Open Design Alliance... High Unreviewed
CVE-2021-44047 was published Dec 6, 2021
vim is vulnerable to Use After Free High Unreviewed
CVE-2021-4069 was published Dec 7, 2021
Failure to correctly record the location of live pointers across wasm instance calls resulted in... High Unreviewed
CVE-2021-43539 was published Dec 9, 2021
A use-after-free could have occured when an HTTP2 session object was released on a different... High Unreviewed
CVE-2021-43535 was published Dec 9, 2021
A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All... High Unreviewed
CVE-2021-44447 was published Dec 15, 2021
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All... High Unreviewed
CVE-2021-44433 was published Dec 15, 2021
ProTip! Advisories are also available from the GraphQL API