GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
68 advisories
Filter by severity
Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by...
Critical
Unreviewed
CVE-2021-44732
was published
Dec 21, 2021
There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability...
Critical
Unreviewed
CVE-2021-37120
was published
Jan 4, 2022
A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may...
Critical
Unreviewed
CVE-2021-23158
was published
Mar 17, 2022
Systrace before 1.6.0 has insufficient escape policy enforcement.
Critical
Unreviewed
CVE-2007-4773
was published
Apr 21, 2022
A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2....
Critical
Unreviewed
CVE-2022-28738
was published
May 10, 2022
An exploitable double free vulnerability exists in the mdnscap binary of the CUJO Smart Firewall....
Critical
Unreviewed
CVE-2018-3985
was published
May 13, 2022
Double free vulnerability in the format printer in PHP 7.x before 7.0.1 allows remote attackers...
Critical
Unreviewed
CVE-2015-8880
was published
May 13, 2022
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double...
Critical
Unreviewed
CVE-2018-16402
was published
May 13, 2022
An issue was discovered in AdPlug 2.3.1. There are several double-free vulnerabilities in the...
Critical
Unreviewed
CVE-2018-17825
was published
May 13, 2022
An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in...
Critical
Unreviewed
CVE-2018-18751
was published
May 13, 2022
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
Critical
Unreviewed
CVE-2017-1000232
was published
May 13, 2022
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified...
Critical
Unreviewed
CVE-2017-11462
was published
May 13, 2022
A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling...
Critical
Unreviewed
CVE-2018-14054
was published
May 13, 2022
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing...
Critical
Unreviewed
CVE-2018-5379
was published
May 13, 2022
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive...
Critical
Unreviewed
CVE-2018-0101
was published
May 13, 2022
The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory...
Critical
Unreviewed
CVE-2016-8619
was published
May 13, 2022
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006...
Critical
Unreviewed
CVE-2018-12782
was published
May 14, 2022
GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders...
Critical
Unreviewed
CVE-2017-11139
was published
May 14, 2022
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through...
Critical
Unreviewed
CVE-2017-14952
was published
May 14, 2022
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in...
Critical
Unreviewed
CVE-2019-6978
was published
May 14, 2022
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c...
Critical
Unreviewed
CVE-2017-18174
was published
May 14, 2022
In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free....
Critical
Unreviewed
CVE-2018-9356
was published
May 14, 2022
The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing...
Critical
Unreviewed
CVE-2016-8618
was published
May 14, 2022
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic...
Critical
Unreviewed
CVE-2017-18201
was published
May 14, 2022
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26...
Critical
Unreviewed
CVE-2017-5334
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API