Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

782 advisories

Loading
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows... Moderate Unreviewed
CVE-2021-44964 was published Mar 15, 2022
GPAC 1.0.1 is affected by Use After Free through MP4Box. Moderate Unreviewed
CVE-2022-24576 was published Mar 15, 2022
In TBD of TBD, there is a possible user after free vulnerability due to a race condition. This... Moderate Unreviewed
CVE-2021-39712 was published Mar 17, 2022
In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in... Moderate Unreviewed
CVE-2021-45868 was published Mar 19, 2022
A use-after-free flaw was found in the add_partition in block/partitions/core.c in the Linux... Moderate Unreviewed
CVE-2021-4150 was published Mar 24, 2022
lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the... Moderate Unreviewed
CVE-2022-26291 was published Mar 30, 2022
heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is... Moderate Unreviewed
CVE-2022-1284 was published Apr 9, 2022
Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a... Moderate Unreviewed
CVE-2022-40960 was published Dec 22, 2022
When transitioning in and out of fullscreen mode, a graphics object was not correctly protected;... Moderate Unreviewed
CVE-2021-4128 was published Dec 22, 2022
A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results'... Moderate Unreviewed
CVE-2020-10700 was published May 24, 2022
In mdp, there is a possible memory corruption due to a use after free. This could lead to local... Moderate Unreviewed
CVE-2022-20052 was published Apr 12, 2022
In ion_ioctl of ion-ioctl.c, there is a possible way to leak kernel head data due to a use after... Moderate Unreviewed
CVE-2021-39800 was published Apr 13, 2022
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the... Moderate Unreviewed
CVE-2022-1280 was published Apr 14, 2022
heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This vulnerability is... Moderate Unreviewed
CVE-2022-1444 was published Apr 25, 2022
A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw... Moderate Unreviewed
CVE-2022-1195 was published Apr 30, 2022
This vulnerability allows remote attackers to disclose sensitive information on vulnerable... Moderate Unreviewed
CVE-2019-6766 was published May 24, 2022
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where... Moderate Unreviewed
CVE-2020-1712 was published May 24, 2022
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex... Moderate Unreviewed
CVE-2020-16303 was published May 24, 2022
In PHP versions 7.2.x below 7.3.21, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing... Moderate Unreviewed
CVE-2020-7068 was published May 24, 2022
In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling... Moderate Unreviewed
CVE-2019-10082 was published May 24, 2022
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use... Moderate Unreviewed
CVE-2022-38428 was published Sep 17, 2022
A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU... Moderate Unreviewed
CVE-2020-35506 was published May 24, 2022
A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free... Moderate Unreviewed
CVE-2021-1958 was published May 24, 2022
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after... Moderate Unreviewed
CVE-2016-9373 was published May 17, 2022
Temporary disruption of the ADM license service. The impact of this includes preventing new... Moderate Unreviewed
CVE-2022-27512 was published Jun 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database