Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5,524 advisories

Loading
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client... High Unreviewed
CVE-2025-62230 was published Oct 30, 2025
Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability... High Unreviewed
CVE-2025-64531 was published Nov 11, 2025
Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability... High Unreviewed
CVE-2025-61834 was published Nov 11, 2025
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension... High Unreviewed
CVE-2025-62229 was published Oct 30, 2025
Format Plugins versions 1.1.1 and earlier are affected by a Use After Free vulnerability that... Moderate Unreviewed
CVE-2025-61842 was published Nov 11, 2025
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-60716 was published Nov 11, 2025
Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate... High Unreviewed
CVE-2025-60717 was published Nov 11, 2025
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-62216 was published Nov 11, 2025
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-62199 was published Nov 11, 2025
Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate... High Unreviewed
CVE-2025-59515 was published Nov 11, 2025
Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to... High Unreviewed
CVE-2025-60707 was published Nov 11, 2025
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability... High Unreviewed
CVE-2025-61814 was published Nov 11, 2025
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability... High Unreviewed
CVE-2025-61815 was published Nov 11, 2025
InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that... High Unreviewed
CVE-2025-61817 was published Nov 11, 2025
InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that... High Unreviewed
CVE-2025-61818 was published Nov 11, 2025
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to... High Unreviewed
CVE-2025-62213 was published Nov 11, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-62203 was published Nov 11, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-62205 was published Nov 11, 2025
A use after free issue was addressed with improved memory management. This issue is fixed in... High Unreviewed
CVE-2025-24085 was published Jan 28, 2025
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use... High Unreviewed
CVE-2022-49910 was published May 1, 2025
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in... High Unreviewed
CVE-2025-37924 was published May 20, 2025
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in... High Unreviewed
CVE-2025-37926 was published May 20, 2025
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free... High Unreviewed
CVE-2022-49834 was published May 1, 2025
Use after free in Ozone in Google Chrome on Linux and ChromeOS prior to 142.0.7444.59 allowed a... High Unreviewed
CVE-2025-12438 was published Nov 10, 2025
Use after free in PageInfo in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who... Unknown Unreviewed
CVE-2025-12437 was published Nov 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database