Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

5,322 advisories

Loading
A use-after-free issue was addressed with improved memory management. This issue is fixed in... Moderate Unreviewed
CVE-2025-43216 was published Jul 30, 2025
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image... High Unreviewed
CVE-2025-48798 was published May 27, 2025
Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker... High Unreviewed
CVE-2025-8292 was published Jul 30, 2025
A vulnerability was found in libssh, where an uninitialized variable exists under certain... Low Unreviewed
CVE-2025-4878 was published Jul 22, 2025
There is a possible UAF due to a logic error in the code. This could lead to local escalation of... Critical Unreviewed
CVE-2024-47040 was published Dec 18, 2024
Reverb use after free vulnerability Moderate
CVE-2024-8375 was published for dm-reverb (pip) Sep 19, 2024
The JsonToBinaryStream() function is part of the protocol buffers C++ implementation and is used... High Unreviewed
CVE-2024-2410 was published May 3, 2024
Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are... High Unreviewed
CVE-2025-47917 was published Jul 20, 2025
SoftEtherVPN 5.02.5187 is vulnerable to Use after Free in the Command.c file via the... Critical Unreviewed
CVE-2025-25568 was published Mar 12, 2025
Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to... High Unreviewed
CVE-2025-7657 was published Jul 15, 2025
Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS... High Unreviewed
CVE-2025-6971 was published Jul 15, 2025
Use After Free vulnerability exists in the IPT file reading procedure in SOLIDWORKS eDrawings on... High Unreviewed
CVE-2025-7042 was published Jul 15, 2025
Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS... High Unreviewed
CVE-2025-6972 was published Jul 15, 2025
Use After Free vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on... High Unreviewed
CVE-2025-6973 was published Jul 15, 2025
An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager can cause a SIGSEGV in the... Moderate Unreviewed
CVE-2025-3631 was published Jul 11, 2025
A Use After Free vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS... High Unreviewed
CVE-2025-52946 was published Jul 11, 2025
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after... High Unreviewed
CVE-2024-27070 was published May 1, 2024
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-49733 was published Jul 8, 2025
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to... High Unreviewed
CVE-2025-49724 was published Jul 8, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-49698 was published Jul 8, 2025
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute... High Unreviewed
CVE-2025-49735 was published Jul 8, 2025
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-49725 was published Jul 8, 2025
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-49699 was published Jul 8, 2025
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate... High Unreviewed
CVE-2025-49685 was published Jul 8, 2025
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-49726 was published Jul 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database