Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,176
Erlang
30
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

68 advisories

Loading
Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by... Critical Unreviewed
CVE-2021-44732 was published Dec 21, 2021
There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability... Critical Unreviewed
CVE-2021-37120 was published Jan 4, 2022
A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may... Critical Unreviewed
CVE-2021-23158 was published Mar 17, 2022
Systrace before 1.6.0 has insufficient escape policy enforcement. Critical Unreviewed
CVE-2007-4773 was published Apr 21, 2022
A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2.... Critical Unreviewed
CVE-2022-28738 was published May 10, 2022
An exploitable double free vulnerability exists in the mdnscap binary of the CUJO Smart Firewall.... Critical Unreviewed
CVE-2018-3985 was published May 13, 2022
Double free vulnerability in the format printer in PHP 7.x before 7.0.1 allows remote attackers... Critical Unreviewed
CVE-2015-8880 was published May 13, 2022
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double... Critical Unreviewed
CVE-2018-16402 was published May 13, 2022
An issue was discovered in AdPlug 2.3.1. There are several double-free vulnerabilities in the... Critical Unreviewed
CVE-2018-17825 was published May 13, 2022
An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in... Critical Unreviewed
CVE-2018-18751 was published May 13, 2022
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors. Critical Unreviewed
CVE-2017-1000232 was published May 13, 2022
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified... Critical Unreviewed
CVE-2017-11462 was published May 13, 2022
A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling... Critical Unreviewed
CVE-2018-14054 was published May 13, 2022
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing... Critical Unreviewed
CVE-2018-5379 was published May 13, 2022
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive... Critical Unreviewed
CVE-2018-0101 was published May 13, 2022
The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory... Critical Unreviewed
CVE-2016-8619 was published May 13, 2022
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006... Critical Unreviewed
CVE-2018-12782 was published May 14, 2022
GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders... Critical Unreviewed
CVE-2017-11139 was published May 14, 2022
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through... Critical Unreviewed
CVE-2017-14952 was published May 14, 2022
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in... Critical Unreviewed
CVE-2019-6978 was published May 14, 2022
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c... Critical Unreviewed
CVE-2017-18174 was published May 14, 2022
In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free.... Critical Unreviewed
CVE-2018-9356 was published May 14, 2022
The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing... Critical Unreviewed
CVE-2016-8618 was published May 14, 2022
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic... Critical Unreviewed
CVE-2017-18201 was published May 14, 2022
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26... Critical Unreviewed
CVE-2017-5334 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database