Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

270 advisories

Loading
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software... High Unreviewed
CVE-2021-1252 was published May 24, 2022
StackStorm st2 Infinite Loop Condition High
CVE-2021-28667 was published for st2client (pip) May 24, 2022 withdrawn
encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom... High Unreviewed
CVE-2021-27918 was published May 24, 2022
picoquic (before 3rd of July 2020) allows attackers to cause a denial of service (infinite loop)... High Unreviewed
CVE-2020-24944 was published May 24, 2022
A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the... High Unreviewed
CVE-2020-36227 was published May 24, 2022
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP POST request sent to the... High Unreviewed
CVE-2020-28095 was published May 24, 2022
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option... High Unreviewed
CVE-2020-24337 was published May 24, 2022
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack... High Unreviewed
CVE-2020-13984 was published May 24, 2022
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack... High Unreviewed
CVE-2020-13986 was published May 24, 2022
The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Denial of Service... High Unreviewed
CVE-2019-18796 was published May 24, 2022
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an... High Unreviewed
CVE-2020-26575 was published May 24, 2022
** DISPUTED ** Trustwave ModSecurity 3.x through 3.0.4 allows denial of service via a special... High Unreviewed
CVE-2020-15598 was published May 24, 2022
lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8... High Unreviewed
CVE-2020-7046 was published May 24, 2022
In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an... High Unreviewed
CVE-2019-20421 was published May 24, 2022
A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in... High Unreviewed
CVE-2019-5097 was published May 24, 2022
Loop with Unreachable Exit Condition in Apache Thrift High
CVE-2019-0205 was published for org.apache.thrift:libthrift (Maven) May 24, 2022
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service... High Unreviewed
CVE-2019-18217 was published May 24, 2022
In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite... High Unreviewed
CVE-2019-16319 was published May 24, 2022
In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek... High Unreviewed
CVE-2019-14442 was published May 24, 2022
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and... High Unreviewed
CVE-2019-3900 was published May 24, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat High
CVE-2016-6817 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
In ih264d_video_decode of ih264d_api.c there is a possible resource exhaustion due to an infinite... High Unreviewed
CVE-2018-9444 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed... High Unreviewed
CVE-2018-9257 was published May 13, 2022
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject:... High Unreviewed
CVE-2018-8002 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite... High Unreviewed
CVE-2018-7332 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database