Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

99 advisories

Loading
Memory handling issues in xcb Moderate
CVE-2020-36205 was published for xcb (Rust) Aug 25, 2021
An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted... Moderate Unreviewed
CVE-2021-43268 was published Nov 25, 2021
A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which could cause a Denail of... Moderate Unreviewed
CVE-2021-45288 was published Dec 22, 2021
A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream... Moderate Unreviewed
CVE-2021-37529 was published Jan 13, 2022
The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the gf_list_del function in... Moderate Unreviewed
CVE-2021-40573 was published Jan 14, 2022
The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in... Moderate Unreviewed
CVE-2021-40572 was published Jan 14, 2022
The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the iloc_entry_del... Moderate Unreviewed
CVE-2021-40569 was published Jan 14, 2022
In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in... Moderate Unreviewed
CVE-2021-46700 was published Feb 20, 2022
In gasket_free_coherent_memory_all of gasket_page_table.c, there is a possible memory corruption... Moderate Unreviewed
CVE-2021-39725 was published Mar 17, 2022
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo. Moderate Unreviewed
CVE-2021-42778 was published Apr 19, 2022
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and... Moderate Unreviewed
CVE-2004-0643 was published Apr 29, 2022
Incorrect returning of an error code in the index.c:read_entry() function leads to a double free... Moderate Unreviewed
CVE-2018-8099 was published Apr 30, 2022
Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial... Moderate Unreviewed
CVE-2005-0891 was published May 1, 2022
Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat... Moderate Unreviewed
CVE-2008-2944 was published May 1, 2022
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free... Moderate Unreviewed
CVE-2017-9287 was published May 13, 2022
In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12... Moderate Unreviewed
CVE-2017-6166 was published May 13, 2022
Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in... Moderate Unreviewed
CVE-2015-1239 was published May 13, 2022
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote... Moderate Unreviewed
CVE-2011-2834 was published May 13, 2022
The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause... Moderate Unreviewed
CVE-2018-20450 was published May 13, 2022
In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a... Moderate Unreviewed
CVE-2018-7523 was published May 13, 2022
Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial... Moderate Unreviewed
CVE-2018-16841 was published May 13, 2022
A vulnerability in Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software... Moderate Unreviewed
CVE-2018-0160 was published May 13, 2022
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to... Moderate Unreviewed
CVE-2017-7521 was published May 13, 2022
A double free when handling responses in read_file in tools/egk-tool.c (aka the eGK card tool) in... Moderate Unreviewed
CVE-2018-16424 was published May 13, 2022
A double free when handling responses from an HSM Card in sc_pkcs15emu_sc_hsm_init in libopensc... Moderate Unreviewed
CVE-2018-16425 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API