GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,226
Erlang
31
GitHub Actions
19
Go
1,991
Maven
5,000+
npm
3,708
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
156 advisories
Filter by severity
GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of...
High
Unreviewed
CVE-2024-0208
was published
Jan 3, 2024
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or...
High
Unreviewed
CVE-2024-0211
was published
Jan 3, 2024
In the Linux kernel, the following vulnerability has been resolved:
vsock: fix recursive -...
Moderate
Unreviewed
CVE-2024-44996
was published
Sep 4, 2024
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in...
Moderate
Unreviewed
CVE-2019-6131
was published
May 13, 2022
Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic...
High
Unreviewed
CVE-2024-34158
was published
Sep 6, 2024
LinuxServer.io Heimdall before 2.5.7 does not prevent use of icons that have non-image data such...
Critical
Unreviewed
CVE-2023-51803
was published
Apr 1, 2024
In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion...
Low
Unreviewed
CVE-2024-7866
was published
Aug 15, 2024
HDF5 Library through 1.14.3 allows stack consumption in the function H5E_printf_stack in H5Eint.c.
High
Unreviewed
CVE-2024-32609
was published
May 14, 2024
An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x...
Moderate
Unreviewed
CVE-2020-28242
was published
May 24, 2022
An issue in the anchors subparser of Showdownjs versions <= 2.1.0 could allow a remote attacker...
Moderate
Unreviewed
CVE-2024-1899
was published
Feb 26, 2024
Secure Boot Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-37973
was published
Jul 9, 2024
In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion...
Low
Unreviewed
CVE-2024-4568
was published
May 6, 2024
In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers...
Moderate
Unreviewed
CVE-2019-15144
was published
May 24, 2022
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean...
High
Unreviewed
CVE-2020-12243
was published
May 24, 2022
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack...
High
Unreviewed
CVE-2020-8285
was published
May 24, 2022
CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or...
High
Unreviewed
CVE-2023-4512
was published
Aug 24, 2023
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.
Moderate
Unreviewed
CVE-2022-48545
was published
Aug 22, 2023
In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite...
Moderate
Unreviewed
CVE-2023-2664
was published
Jul 6, 2023
In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion...
Moderate
Unreviewed
CVE-2023-2663
was published
Jul 6, 2023
Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability,...
High
Unreviewed
CVE-2023-2990
was published
Jun 22, 2023
Telefnica Brasil Vivo Play (IPTV) Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of...
High
Unreviewed
CVE-2023-31893
was published
Jun 5, 2023
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types...
Moderate
Unreviewed
CVE-2019-19645
was published
May 24, 2022
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.
High
Unreviewed
CVE-2018-16452
was published
May 24, 2022
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print()...
High
Unreviewed
CVE-2018-16300
was published
May 24, 2022
Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions...
High
Unreviewed
CVE-2019-13124
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API