Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

68 advisories

Loading
A vulnerability was found in libyaml up to 0.2.5. Affected by this issue is the function... Critical Unreviewed
CVE-2024-35325 was published Jun 13, 2024
Fluent Bit (aka fluent-bit) 1.7.0 through 1.7,4 has a double free in flb_free (called from... Critical Unreviewed
CVE-2021-36088 was published May 24, 2022
curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a... Critical Unreviewed
CVE-2022-42915 was published Oct 30, 2022
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC... Critical Unreviewed
CVE-2019-12874 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017... Critical Unreviewed
CVE-2019-7080 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017... Critical Unreviewed
CVE-2019-7784 was published May 24, 2022
Systrace before 1.6.0 has insufficient escape policy enforcement. Critical Unreviewed
CVE-2007-4773 was published Apr 21, 2022
A double-free vulnerability exists in the BrainVision ASCII Header Parsing functionality of The... Critical Unreviewed
CVE-2024-23809 was published Feb 20, 2024
A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig... Critical Unreviewed
CVE-2024-22097 was published Feb 20, 2024
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances... Critical Unreviewed
CVE-2021-22945 was published May 24, 2022
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms... Critical Unreviewed
CVE-2023-25136 was published Feb 3, 2023
A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2.... Critical Unreviewed
CVE-2022-28738 was published May 10, 2022
An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free,... Critical Unreviewed
CVE-2023-49937 was published Dec 14, 2023
A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and... Critical Unreviewed
CVE-2023-35784 was published Jun 16, 2023
A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling... Critical Unreviewed
CVE-2018-14054 was published May 13, 2022
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. Critical Unreviewed
CVE-2019-5481 was published May 24, 2022
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms. Critical Unreviewed
CVE-2022-40515 was published Mar 10, 2023
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules... Critical Unreviewed
CVE-2021-33304 was published Feb 16, 2023
Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows... Critical Unreviewed
CVE-2017-12858 was published May 17, 2022
There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability... Critical Unreviewed
CVE-2021-37120 was published Jan 4, 2022
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows... Critical Unreviewed
CVE-2015-7700 was published May 17, 2022
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd)... Critical Unreviewed
CVE-2016-6912 was published May 17, 2022
Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the... Critical Unreviewed
CVE-2016-5768 was published May 14, 2022
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors. Critical Unreviewed
CVE-2017-1000231 was published May 14, 2022
Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by... Critical Unreviewed
CVE-2021-44732 was published Dec 21, 2021
ProTip! Advisories are also available from the GraphQL API