Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,614
NuGet
638
pip
3,225
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

521 advisories

Loading
Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some... Critical Unreviewed
CVE-2024-43491 was published Sep 10, 2024
Concurrent removals of certain anonymous shared memory mappings by using the UMTX_SHM_DESTROY sub... Critical Unreviewed
CVE-2024-43102 was published Sep 5, 2024
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were... Critical Unreviewed
CVE-2024-8384 was published Sep 3, 2024
Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-38199 was published Aug 13, 2024
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-38140 was published Aug 13, 2024
Windows Network Virtualization Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-38159 was published Aug 13, 2024
Incorrect garbage collection interaction could have led to a use-after-free. This vulnerability... Critical Unreviewed
CVE-2024-7530 was published Aug 6, 2024
Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This... Critical Unreviewed
CVE-2024-7528 was published Aug 6, 2024
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS... Critical Unreviewed
CVE-2024-40782 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid... Critical Unreviewed
CVE-2024-38612 was published Jun 19, 2024
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-30080 was published Jun 11, 2024
In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id... Critical Unreviewed
CVE-2021-47378 was published May 21, 2024
Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to... Critical Unreviewed
CVE-2024-4949 was published May 15, 2024
Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after... Critical Unreviewed
CVE-2024-4764 was published May 14, 2024
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who... Critical Unreviewed
CVE-2024-4671 was published May 14, 2024
Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2023-32174 was published May 3, 2024
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1... Critical Unreviewed
CVE-2023-49606 was published May 1, 2024
Open Management Infrastructure (OMI) Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-21334 was published Mar 12, 2024
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB... Critical Unreviewed
CVE-2024-22253 was published Mar 5, 2024
Memory corruption while processing MBSSID beacon containing several subelement IE. Critical Unreviewed
CVE-2023-43552 was published Mar 4, 2024
Inappropriate pointer order of laser_scan_filter_.reset() and tf_listener_.reset() (amcl_node.cpp... Critical Unreviewed
CVE-2024-25198 was published Feb 20, 2024
In readLogs of StatsService.cpp, there is a possible memory corruption due to a use after free.... Critical Unreviewed
CVE-2023-40115 was published Feb 16, 2024
Jsish v3.5.0 (commit 42c694c) was discovered to contain a use-after-free via the SplitChar at .... Critical Unreviewed
CVE-2024-24189 was published Feb 7, 2024
Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to... Critical Unreviewed
CVE-2024-1284 was published Feb 7, 2024
Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector... Critical Unreviewed
CVE-2020-36773 was published Feb 4, 2024
ProTip! Advisories are also available from the GraphQL API