GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
68 advisories
Filter by severity
A vulnerability was found in libyaml up to 0.2.5. Affected by this issue is the function...
Critical
Unreviewed
CVE-2024-35325
was published
Jun 13, 2024
Fluent Bit (aka fluent-bit) 1.7.0 through 1.7,4 has a double free in flb_free (called from...
Critical
Unreviewed
CVE-2021-36088
was published
May 24, 2022
curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a...
Critical
Unreviewed
CVE-2022-42915
was published
Oct 30, 2022
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC...
Critical
Unreviewed
CVE-2019-12874
was published
May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017...
Critical
Unreviewed
CVE-2019-7080
was published
May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017...
Critical
Unreviewed
CVE-2019-7784
was published
May 24, 2022
Systrace before 1.6.0 has insufficient escape policy enforcement.
Critical
Unreviewed
CVE-2007-4773
was published
Apr 21, 2022
A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig...
Critical
Unreviewed
CVE-2024-22097
was published
Feb 20, 2024
A double-free vulnerability exists in the BrainVision ASCII Header Parsing functionality of The...
Critical
Unreviewed
CVE-2024-23809
was published
Feb 20, 2024
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances...
Critical
Unreviewed
CVE-2021-22945
was published
May 24, 2022
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms...
Critical
Unreviewed
CVE-2023-25136
was published
Feb 3, 2023
A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2....
Critical
Unreviewed
CVE-2022-28738
was published
May 10, 2022
An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free,...
Critical
Unreviewed
CVE-2023-49937
was published
Dec 14, 2023
A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and...
Critical
Unreviewed
CVE-2023-35784
was published
Jun 16, 2023
A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling...
Critical
Unreviewed
CVE-2018-14054
was published
May 13, 2022
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
Critical
Unreviewed
CVE-2019-5481
was published
May 24, 2022
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
Critical
Unreviewed
CVE-2022-40515
was published
Mar 10, 2023
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules...
Critical
Unreviewed
CVE-2021-33304
was published
Feb 16, 2023
Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows...
Critical
Unreviewed
CVE-2017-12858
was published
May 17, 2022
There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability...
Critical
Unreviewed
CVE-2021-37120
was published
Jan 4, 2022
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows...
Critical
Unreviewed
CVE-2015-7700
was published
May 17, 2022
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd)...
Critical
Unreviewed
CVE-2016-6912
was published
May 17, 2022
Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the...
Critical
Unreviewed
CVE-2016-5768
was published
May 14, 2022
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
Critical
Unreviewed
CVE-2017-1000231
was published
May 14, 2022
Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by...
Critical
Unreviewed
CVE-2021-44732
was published
Dec 21, 2021
ProTip!
Advisories are also available from the
GraphQL API