Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

563 advisories

Loading
Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap use-after-free vulnerability in... Critical Unreviewed
CVE-2025-57108 was published Oct 31, 2025
Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after... Critical Unreviewed
CVE-2025-12380 was published Oct 28, 2025
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate... Critical Unreviewed
CVE-2025-49708 was published Oct 14, 2025
Starting in Firefox 143, the use of the native messaging API by web extensions on Windows could... Critical Unreviewed
CVE-2025-11719 was published Oct 14, 2025
Use-after-free in MediaTrackGraphImpl::GetInstance() This vulnerability affects Firefox < 144,... Critical Unreviewed
CVE-2025-11708 was published Oct 14, 2025
The module will parse a <pattern> node which is not a child of a structural node. The node will... Critical Unreviewed
CVE-2025-10729 was published Oct 3, 2025
OpenSynergy BlueSDK (aka Blue SDK) through 6.x has a Use-After-Free. The specific flaw exists... Critical Unreviewed
CVE-2024-45434 was published Sep 12, 2025
Pixar OpenUSD Sdf_PathNode Module Use-After-Free Vulnerability Leading to Potential Remote Code Execution Critical
GHSA-58p5-r2f6-g2cj was published for usd-core (pip) Sep 4, 2025
bshyuunn
Credited to bshyuunn
In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a... Critical Unreviewed
CVE-2025-22408 was published Aug 27, 2025
In sdp_snd_service_search_req of sdp_discovery.cc, there is a possible way to execute arbitrary... Critical Unreviewed
CVE-2025-22403 was published Aug 27, 2025
In process_service_attr_rsp of sdp_discovery.cc, there is a possible way to execute arbitrary... Critical Unreviewed
CVE-2025-0074 was published Aug 27, 2025
In process_service_search_attr_req of sdp_server.cc, there is a possible way to execute arbitrary... Critical Unreviewed
CVE-2025-0075 was published Aug 27, 2025
A use-after-free vulnerability exists in the coap_delete_pdu_lkd function within coap_pdu.c of... Critical Unreviewed
CVE-2025-50518 was published Aug 14, 2025
A use-after-free issue was addressed by removing the vulnerable code. This issue is fixed in... Critical Unreviewed
CVE-2025-43222 was published Jul 30, 2025
A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability... Critical Unreviewed
CVE-2025-6424 was published Jun 26, 2025
A use-after-free issue was addressed with improved memory management. This issue is fixed in... Critical Unreviewed
CVE-2025-24252 was published Apr 29, 2025
ComponentInstaller Modification in ComponentInstaller in Google ChromeOS 124.0.6367.34 on... Critical Unreviewed
CVE-2025-1704 was published Apr 17, 2025
A use-after-free issue was addressed with improved memory management. This issue is fixed in... Critical Unreviewed
CVE-2025-30427 was published Apr 1, 2025
SoftEtherVPN 5.02.5187 is vulnerable to Use after Free in the Command.c file via the... Critical Unreviewed
CVE-2025-25568 was published Mar 12, 2025
A Use After Free vulnerability on UniFi Protect Cameras could allow a Remote Code Execution (RCE)... Critical Unreviewed
CVE-2025-23115 was published Mar 1, 2025
A race during concurrent delazification could have led to a use-after-free. This vulnerability... Critical Unreviewed
CVE-2025-1012 was published Feb 4, 2025
An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially... Critical Unreviewed
CVE-2025-1009 was published Feb 4, 2025
An attacker could have caused a use-after-free via the Custom Highlight API, leading to a... Critical Unreviewed
CVE-2025-1010 was published Feb 4, 2025
Software installed and run as a non-privileged user may conduct improper GPU system calls to... Critical Unreviewed
CVE-2024-47891 was published Jan 31, 2025
Windows OLE Remote Code Execution Vulnerability Critical Unreviewed
CVE-2025-21298 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database