GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
563 advisories
While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is...
Critical, Unreviewed: CVE-2017-14877 was published May 14, 2022
In Android before 2018-01-05 on Qualcomm Snapdragon Mobile SD 625, SD 650/52, SD 835, accessing...
Critical, Unreviewed: CVE-2017-14915 was published May 14, 2022
Use-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before...
Critical, Unreviewed: CVE-2016-7413 was published May 14, 2022
In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash...
Critical, Unreviewed: CVE-2016-7479 was published May 14, 2022
The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote...
Critical, Unreviewed: CVE-2016-9936 was published May 14, 2022
ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to...
Critical, Unreviewed: CVE-2017-12932 was published May 14, 2022
In alarm_ready_generic of alarm.cc, there is a possible out of bounds write due to a use after...
Critical, Unreviewed: CVE-2017-13272 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile...
Critical, Unreviewed: CVE-2014-10046 was published May 14, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon...
Critical, Unreviewed: CVE-2017-18145 was published May 14, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon...
Critical, Unreviewed: CVE-2017-18136 was published May 14, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon...
Critical, Unreviewed: CVE-2017-18140 was published May 14, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon...
Critical, Unreviewed: CVE-2017-18144 was published May 14, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon...
Critical, Unreviewed: CVE-2018-3590 was published May 14, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon...
Critical, Unreviewed: CVE-2017-11011 was published May 14, 2022
In versions of mruby up to and including 1.4.0, a use-after-free vulnerability exists in src/io.c...
Critical, Unreviewed: CVE-2018-10199 was published May 14, 2022
Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0...
Critical, Unreviewed: CVE-2016-5277 was published May 14, 2022
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox...
Critical, Unreviewed: CVE-2016-5274 was published May 14, 2022
Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList...
Critical, Unreviewed: CVE-2016-5276 was published May 14, 2022
A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory...
Critical, Unreviewed: CVE-2018-5092 was published May 14, 2022
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free...
Critical, Unreviewed: CVE-2018-4919 was published May 14, 2022
statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call,...
Critical, Unreviewed: CVE-2016-6309 was published May 14, 2022
A potentially exploitable use-after-free crash during actor destruction with service workers....
Critical, Unreviewed: CVE-2016-5287 was published May 14, 2022
Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird <...
Critical, Unreviewed: CVE-2017-5376 was published May 14, 2022
A use-after-free vulnerability in the Media Decoder when working with media files when some...
Critical, Unreviewed: CVE-2017-5396 was published May 14, 2022
A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This...
Critical, Unreviewed: CVE-2017-5380 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.