GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,512
Composer 4,179
Erlang 31
GitHub Actions 19
Go 1,982
Maven 5,155
npm 3,701
NuGet 656
pip 3,323
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 233,005

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

198 advisories

Filter by severity

Sort by

Least recently updated

The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop... High Unreviewed

CVE-2017-11446 was published May 13, 2022

The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0... High Unreviewed

CVE-2017-11478 was published May 13, 2022

In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite... High Unreviewed

CVE-2017-11406 was published May 13, 2022

The ExifImageFile::readImage function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote... High Unreviewed

CVE-2017-11118 was published May 13, 2022

An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()... High Unreviewed

CVE-2017-10986 was published May 13, 2022

An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion... High Unreviewed

CVE-2017-10985 was published May 13, 2022

An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2. With the port to... High Unreviewed

CVE-2018-14621 was published May 13, 2022

A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions... High Unreviewed

CVE-2018-1041 was published May 13, 2022

The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in... High Unreviewed

CVE-2018-5381 was published May 13, 2022

** DISPUTED ** The deserialize function in serialize-to-js through 1.1.1 allows attackers to... High Unreviewed

CVE-2017-15871 was published May 13, 2022

sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop. High Unreviewed

CVE-2018-11365 was published May 13, 2022

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector... High Unreviewed

CVE-2018-14368 was published May 13, 2022

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite... High Unreviewed

CVE-2018-19622 was published May 13, 2022

In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function... High Unreviewed

CVE-2017-17681 was published May 13, 2022

The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote... High Unreviewed

CVE-2017-8871 was published May 13, 2022

In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS (Multicast DNS) packet triggers an... High Unreviewed

CVE-2019-9747 was published May 13, 2022

In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed... High Unreviewed

CVE-2019-10897 was published May 13, 2022

In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan... High Unreviewed

CVE-2019-10898 was published May 13, 2022

In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan... High Unreviewed

CVE-2019-10900 was published May 13, 2022

An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions... High Unreviewed

CVE-2018-5818 was published May 13, 2022

libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing... High Unreviewed

CVE-2018-16789 was published May 13, 2022

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the... High Unreviewed

CVE-2017-18271 was published May 13, 2022

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the... High Unreviewed

CVE-2017-18273 was published May 13, 2022

The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause... High Unreviewed

CVE-2017-9122 was published May 13, 2022

Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in... High Unreviewed

CVE-2019-3833 was published May 13, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

198 advisories