Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,634
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5,491 advisories

Loading
Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to... High Unreviewed
CVE-2025-49675 was published Jul 8, 2025
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate... High Unreviewed
CVE-2025-49685 was published Jul 8, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-49698 was published Jul 8, 2025
Use after free in Windows Media allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-49682 was published Jul 8, 2025
Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-49660 was published Jul 8, 2025
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate... High Unreviewed
CVE-2025-49677 was published Jul 8, 2025
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized... High Unreviewed
CVE-2025-48821 was published Jul 8, 2025
Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate... High Unreviewed
CVE-2025-47991 was published Jul 8, 2025
Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code... High Unreviewed
CVE-2025-48806 was published Jul 8, 2025
Use after free in Universal Print Management Service allows an authorized attacker to elevate... High Unreviewed
CVE-2025-47986 was published Jul 8, 2025
Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-47976 was published Jul 8, 2025
Memory corruption during sub-system restart while processing clean-up to free up resources. High Unreviewed
CVE-2025-27056 was published Jul 8, 2025
Memory corruption while processing event close when client process terminates abruptly. High Unreviewed
CVE-2025-27050 was published Jul 8, 2025
Memory corruption while processing the TESTPATTERNCONFIG escape path. High Unreviewed
CVE-2025-27047 was published Jul 8, 2025
Memory corruption while processing a private escape command in an event trigger. High Unreviewed
CVE-2025-21466 was published Jul 8, 2025
Virtual address reuse issue in the memory management module, which can be exploited by non... Moderate Unreviewed
CVE-2025-53185 was published Jul 7, 2025
Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This... Moderate Unreviewed
CVE-2025-0634 was published Jun 30, 2025
PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-6661 was published Jun 26, 2025
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-6640 was published Jun 26, 2025
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-6644 was published Jun 26, 2025
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-6645 was published Jun 26, 2025
PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2025-6646 was published Jun 26, 2025
A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability... Critical Unreviewed
CVE-2025-6424 was published Jun 26, 2025
An authenticated user may trigger a use after free that may result in MongoDB Server crash and... Moderate Unreviewed
CVE-2025-6706 was published Jun 26, 2025
Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to... Moderate Unreviewed
CVE-2025-6555 was published Jun 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database