GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,231
Erlang
31
GitHub Actions
20
Go
1,991
Maven
5,000+
npm
3,709
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
84 advisories
Filter by severity
In the Linux kernel, the following vulnerability has been resolved:
vsock: fix recursive -...
Moderate
Unreviewed
CVE-2024-44996
was published
Sep 4, 2024
An issue in the anchors subparser of Showdownjs versions <= 2.1.0 could allow a remote attacker...
Moderate
Unreviewed
CVE-2024-1899
was published
Feb 26, 2024
MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push...
Moderate
Unreviewed
CVE-2023-31794
was published
Oct 31, 2023
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.
Moderate
Unreviewed
CVE-2022-48545
was published
Aug 22, 2023
In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion...
Moderate
Unreviewed
CVE-2023-2663
was published
Jul 6, 2023
In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite...
Moderate
Unreviewed
CVE-2023-2664
was published
Jul 6, 2023
An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a...
Moderate
Unreviewed
CVE-2020-36691
was published
Mar 24, 2023
In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting...
Moderate
Unreviewed
CVE-2022-37034
was published
Feb 2, 2023
GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite...
Moderate
Unreviewed
CVE-2022-47662
was published
Jan 5, 2023
Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for...
Moderate
Unreviewed
CVE-2022-42321
was published
Nov 1, 2022
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively...
Moderate
Unreviewed
CVE-2022-31628
was published
Sep 29, 2022
An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37...
Moderate
Unreviewed
CVE-2022-28201
was published
Sep 20, 2022
Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV.
Moderate
Unreviewed
CVE-2022-3222
was published
Sep 16, 2022
XPDF v4.04 was discovered to contain a stack overflow via the function Catalog::countPageTree()...
Moderate
Unreviewed
CVE-2022-38334
was published
Sep 16, 2022
A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial...
Moderate
Unreviewed
CVE-2021-3997
was published
Aug 24, 2022
Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow...
Moderate
Unreviewed
CVE-2022-1962
was published
Aug 11, 2022
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for...
Moderate
Unreviewed
CVE-2019-18854
was published
May 24, 2022
When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp...
Moderate
Unreviewed
CVE-2019-12213
was published
May 24, 2022
Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform...
Moderate
Unreviewed
CVE-2021-43519
was published
May 24, 2022
A component of the HarmonyOS has a External Control of System or Configuration Setting...
Moderate
Unreviewed
CVE-2021-22454
was published
May 24, 2022
A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call...
Moderate
Unreviewed
CVE-2021-39257
was published
May 24, 2022
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers...
Moderate
Unreviewed
CVE-2020-18898
was published
May 24, 2022
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an stack exhaustion vulnerability in the ...
Moderate
Unreviewed
CVE-2020-20213
was published
May 24, 2022
Stack overflow vulnerability in parse_array Cesanta MJS 1.20.1, allows remote attackers to cause...
Moderate
Unreviewed
CVE-2020-18392
was published
May 24, 2022
A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(),...
Moderate
Unreviewed
CVE-2021-30470
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API