GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
445 advisories
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in...
High | Unreviewed | CVE-2019-12219 was published May 24, 2022

An issue was discovered in Npcap 0.992. Sending a malformed .pcap file with the loopback adapter...
High | Unreviewed | CVE-2019-11490 was published May 24, 2022

Systrace before 1.6.0 has insufficient escape policy enforcement.
Critical | Unreviewed | CVE-2007-4773 was published Apr 21, 2022

hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls...
High | Unreviewed | CVE-2021-37159 was published May 24, 2022

A double-free vulnerability exists in the BrainVision ASCII Header Parsing functionality of The...
Critical | Unreviewed | CVE-2024-23809 was published Feb 20, 2024

A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig...
Critical | Unreviewed | CVE-2024-22097 was published Feb 20, 2024

A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0,...
High | Unreviewed | CVE-2020-25637 was published May 24, 2022

** DISPUTED ** gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has...
High | Unreviewed | CVE-2021-40145 was published May 24, 2022

When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances...
Critical | Unreviewed | CVE-2021-22945 was published May 24, 2022

Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the...
Moderate | Unreviewed | CVE-2023-4256 was published Dec 21, 2023

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms...
Critical | Unreviewed | CVE-2023-25136 was published Feb 3, 2023

A double-free vulnerability exists in the IP header loopback parsing functionality of Weston...
High | Unreviewed | CVE-2023-38562 was published Feb 20, 2024

Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and...
High | Unreviewed | CVE-2004-0772 was published Apr 29, 2022

Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial...
Moderate | Unreviewed | CVE-2005-0891 was published May 1, 2022

Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service ...
High | Unreviewed | CVE-2003-0545 was published Apr 29, 2022

openssl-src contains Double free after calling `PEM_read_bio_ex`
High | CVE-2022-4450 was published for openssl-src (Rust) Feb 8, 2023

Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows...
High | Unreviewed | CVE-2003-1048 was published Apr 29, 2022

kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is...
High | Unreviewed | CVE-2023-39975 was published Aug 16, 2023

A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2....
Critical | Unreviewed | CVE-2022-28738 was published May 10, 2022

Memory corruption when IPv6 prefix timer object's lifetime expires which are created while Netmgr...
Moderate | Unreviewed | CVE-2023-28583 was published Jan 2, 2024

A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS...
High | Unreviewed | CVE-2024-21606 was published Jan 12, 2024

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17064,...
High | Unreviewed | CVE-2020-17019 was published May 24, 2022

Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is unique from CVE-2020-16982, CVE...
High | Unreviewed | CVE-2020-16970 was published May 24, 2022

The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function...
Moderate | Unreviewed | CVE-2023-1032 was published Jan 8, 2024

Bytecode Alliance wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) before 1.3.0 can...
Moderate | Unreviewed | CVE-2023-52284 was published Dec 31, 2023