Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5,494 advisories

Loading
Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-55335 was published Oct 14, 2025
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate... High Unreviewed
CVE-2025-48004 was published Oct 14, 2025
Use after free in Windows Device Association Broker service allows an authorized attacker to... High Unreviewed
CVE-2025-50174 was published Oct 14, 2025
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-50175 was published Oct 14, 2025
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate... Critical Unreviewed
CVE-2025-49708 was published Oct 14, 2025
Use-after-free in MediaTrackGraphImpl::GetInstance() This vulnerability affects Firefox < 144,... Critical Unreviewed
CVE-2025-11708 was published Oct 14, 2025
Starting in Firefox 143, the use of the native messaging API by web extensions on Windows could... Critical Unreviewed
CVE-2025-11719 was published Oct 14, 2025
Use After Free (UAF) vulnerability in the office service. Successful exploitation of this... High Unreviewed
CVE-2025-58287 was published Oct 11, 2025
Use After Free (UAF) vulnerability in the storage management module. Successful exploitation of... High Unreviewed
CVE-2025-58299 was published Oct 11, 2025
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use... High Unreviewed
CVE-2025-23280 was published Oct 10, 2025
A use after free vulnerability exists in VS6ComFile!load_link_inf of V-SFT v6.2.7.0 and earlier.... High Unreviewed
CVE-2025-61864 was published Oct 10, 2025
Transient DOS may occur when multi-profile concurrency arises with QHS enabled. High Unreviewed
CVE-2025-47342 was published Oct 9, 2025
Memory corruption while allocating buffers in DSP service. High Unreviewed
CVE-2025-47354 was published Oct 9, 2025
FuelVM is vulnerable to heap memory allocation re-use bug High
GHSA-2pgj-5cv2-6xxw was published for fuel-vm (Rust) Oct 8, 2025
It is possible to cause an use-after-free write in SANM decoding with a carefully crafted... High Unreviewed
CVE-2025-59734 was published Oct 6, 2025
The module will parse a <pattern> node which is not a child of a structural node. The node will... Critical Unreviewed
CVE-2025-10729 was published Oct 3, 2025
A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to... High Unreviewed
CVE-2025-11234 was published Oct 3, 2025
VT STUDIO versions 8.53 and prior contain a use after free vulnerability. If the product uses a... High Unreviewed
CVE-2025-61692 was published Oct 2, 2025
A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5... High Unreviewed
CVE-2025-46205 was published Oct 1, 2025
Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to... High Unreviewed
CVE-2025-10501 was published Sep 24, 2025
Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to... High Unreviewed
CVE-2025-10500 was published Sep 24, 2025
Memory corruption while processing message in guest VM. High Unreviewed
CVE-2025-27077 was published Sep 24, 2025
Memory corruption while processing config_dev IOCTL when camera kernel driver drops its reference... High Unreviewed
CVE-2025-27037 was published Sep 24, 2025
Memory corruption while encoding the image data. High Unreviewed
CVE-2025-47327 was published Sep 24, 2025
Memory corruption while handling repeated memory unmap requests from guest VM. High Unreviewed
CVE-2025-47315 was published Sep 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database