Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5,423 advisories

Loading
Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Use After Free vulnerability... Moderate Unreviewed
CVE-2025-49568 was published Aug 12, 2025
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use... High Unreviewed
CVE-2025-38500 was published Aug 12, 2025
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the... Moderate Unreviewed
CVE-2025-8842 was published Aug 11, 2025
A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of... Moderate Unreviewed
CVE-2025-8837 was published Aug 11, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb... High Unreviewed
CVE-2025-27128 was published Aug 11, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb... High Unreviewed
CVE-2025-24298 was published Aug 11, 2025
Possible memory leak or kernel exceptions caused by reading kernel heap data after free or NULL... High Unreviewed
CVE-2025-46709 was published Aug 9, 2025
Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to... High Unreviewed
CVE-2025-8578 was published Aug 7, 2025
Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to... High Unreviewed
CVE-2025-8576 was published Aug 7, 2025
Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously. High Unreviewed
CVE-2025-21458 was published Aug 6, 2025
Memory corruption while processing commands from A2dp sink command queue. High Unreviewed
CVE-2025-21474 was published Aug 6, 2025
Memory corruption while processing IOCTL command when multiple threads are called to map/unmap... High Unreviewed
CVE-2025-21456 was published Aug 6, 2025
Pointer dangling vulnerability in the cjwindow module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2025-54626 was published Aug 6, 2025
Vulnerability of returning released pointers in the distributed notification service. Impact:... Moderate Unreviewed
CVE-2025-54635 was published Aug 6, 2025
Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU... Moderate Unreviewed
CVE-2025-0932 was published Aug 4, 2025
NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker with local... High Unreviewed
CVE-2025-23281 was published Aug 3, 2025
Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker... High Unreviewed
CVE-2025-8292 was published Jul 30, 2025
A use-after-free issue was addressed with improved memory management. This issue is fixed in... Moderate Unreviewed
CVE-2025-43216 was published Jul 30, 2025
A use-after-free issue was addressed by removing the vulnerable code. This issue is fixed in... Critical Unreviewed
CVE-2025-43222 was published Jul 30, 2025
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Use... High Unreviewed
CVE-2025-6636 was published Jul 29, 2025
A vulnerability was found in libssh, where an uninitialized variable exists under certain... Low Unreviewed
CVE-2025-4878 was published Jul 22, 2025
Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are... High Unreviewed
CVE-2025-47917 was published Jul 20, 2025
Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to... High Unreviewed
CVE-2025-7657 was published Jul 15, 2025
Use After Free vulnerability exists in the IPT file reading procedure in SOLIDWORKS eDrawings on... High Unreviewed
CVE-2025-7042 was published Jul 15, 2025
Use After Free vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on... High Unreviewed
CVE-2025-6973 was published Jul 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database