Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5,406 advisories

Loading
Use After Free vulnerability in RTI Connext Professional (Security Plugins) allows File... Moderate Unreviewed
CVE-2025-8410 was published Sep 23, 2025
Software installed and run as a non-privileged user may conduct improper GPU system calls to... Moderate Unreviewed
CVE-2025-25177 was published Sep 22, 2025
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate... High Unreviewed
CVE-2025-59215 was published Sep 19, 2025
Ashlar-Vellum Cobalt LI File Parsing Use-After-Free Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-7993 was published Sep 17, 2025
A Use After Free vulnerability affecting the PAR file reading procedure in SOLIDWORKS eDrawings... High Unreviewed
CVE-2025-9449 was published Sep 17, 2025
This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird... High Unreviewed
CVE-2025-10527 was published Sep 16, 2025
A use-after-free issue was addressed with improved memory management. This issue is fixed in... Moderate Unreviewed
CVE-2025-43368 was published Sep 16, 2025
OpenSynergy BlueSDK (aka Blue SDK) through 6.x has a Use-After-Free. The specific flaw exists... Critical Unreviewed
CVE-2024-45434 was published Sep 12, 2025
Use after free in Serviceworker in Google Chrome on Desktop prior to 140.0.7339.127 allowed a... High Unreviewed
CVE-2025-10200 was published Sep 10, 2025
An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) A use-after-free vulnerability... High Unreviewed
CVE-2025-57616 was published Sep 10, 2025
Substance3D - Modeler versions 1.22.2 and earlier are affected by a Use After Free vulnerability... High Unreviewed
CVE-2025-54258 was published Sep 10, 2025
Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a... High Unreviewed
CVE-2025-54257 was published Sep 9, 2025
Premiere Pro versions 25.3, 24.6.5 and earlier are affected by a Use After Free vulnerability... High Unreviewed
CVE-2025-54242 was published Sep 9, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-54903 was published Sep 9, 2025
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code... High Unreviewed
CVE-2025-54908 was published Sep 9, 2025
Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-54911 was published Sep 9, 2025
Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-54912 was published Sep 9, 2025
Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute... High Unreviewed
CVE-2025-54906 was published Sep 9, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-54904 was published Sep 9, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-54896 was published Sep 9, 2025
Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate... High Unreviewed
CVE-2025-54111 was published Sep 9, 2025
Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate... High Unreviewed
CVE-2025-54112 was published Sep 9, 2025
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to... High Unreviewed
CVE-2025-54102 was published Sep 9, 2025
Use after free in Windows Management Services allows an unauthorized attacker to elevate... High Unreviewed
CVE-2025-54103 was published Sep 9, 2025
Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network. Moderate Unreviewed
CVE-2025-54101 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database