GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
21 advisories
Filter by severity
use-after-free vulnerability in Rust array-queue
Moderate
CVE-2020-35900
was published
for
array-queue
(Rust)
Aug 25, 2021
Use after free in actix-service
Moderate
CVE-2020-35899
was published
for
actix-service
(Rust)
Aug 25, 2021
iana-time-zone vulnerable to use after free in MacOS / iOS implementation
Moderate
GHSA-3fg9-hcq5-vxrc
was published
for
iana-time-zone
(Rust)
Aug 30, 2022
Wasmtime vulnerable to Use After Free with `externref`s
Moderate
CVE-2022-31146
was published
for
cranelift-codegen
(Rust)
Jul 20, 2022
Memory Safety Issue when using patch or merge on state and assign the result back to state
Moderate
CVE-2021-39228
was published
for
tremor-script
(Rust)
Sep 20, 2021
use-after-free in tracing
Moderate
GHSA-8f24-6m29-wm2r
was published
for
tracing
(Rust)
Jan 17, 2024
Use-after-free when setting the locale
Moderate
GHSA-c8v3-jhv9-4ppc
was published
for
rust-i18n-support
(Rust)
Jan 23, 2024
Use after free in libpulse-binding
Moderate
CVE-2018-25001
was published
for
libpulse-binding
(Rust)
Aug 30, 2021
Garbage collection issue in BC-FJA in Java 13 and later
Moderate
CVE-2022-45146
was published
for
org.bouncycastle:bc-fips
(Maven)
Nov 21, 2022
Use-after-free in libxml2 via Nokogiri::XML::Reader
Moderate
GHSA-vcc3-rw6f-jv97
was published
for
nokogiri
(RubyGems)
Mar 18, 2024
Nokogiri update packaged libxml2 to v2.12.5 to resolve CVE-2024-25062
Moderate
GHSA-xc9x-jj77-9p9j
was published
for
nokogiri
(RubyGems)
Feb 5, 2024
Use after free in libpulse-binding
Moderate
GHSA-f56g-chqp-22m9
was published
for
libpulse-binding
(Rust)
Feb 3, 2024
@fastly/js-compute has a use-after-free in some host call implementations
Moderate
CVE-2024-38375
was published
for
@fastly/js-compute
(npm)
Jun 26, 2024
Use After Free in MicroPython
Moderate
CVE-2024-8947
was published
for
micropython-copy
(pip)
Sep 17, 2024
PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references
Moderate
CVE-2024-9979
was published
for
pyo3
(Rust)
Oct 15, 2024
Duplicate Advisory: PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references
Moderate
GHSA-f8x4-f32r-w556
was published
for
pyo3
(Rust)
Oct 15, 2024
•
withdrawn
Use after free and segfault in shape inference functions
Moderate
CVE-2021-37690
was published
for
tensorflow
(pip)
Aug 25, 2021
Use after free passing `externref`s to Wasm in Wasmtime
Moderate
CVE-2021-39216
was published
for
wasmtime
(pip)
Sep 20, 2021
ProTip!
Advisories are also available from the
GraphQL API