GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25 advisories
Filter by severity
Using the Location API in a loop could have caused severe application hangs and crashes. This...
Moderate
Unreviewed
CVE-2021-43545
was published
Dec 9, 2021
Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow...
Moderate
Unreviewed
CVE-2022-0585
was published
Feb 19, 2022
In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e.,...
Moderate
Unreviewed
CVE-2019-9547
was published
May 13, 2022
The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator)...
Moderate
Unreviewed
CVE-2016-7421
was published
May 13, 2022
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. An attacker can trigger a long...
Moderate
Unreviewed
CVE-2018-11507
was published
May 13, 2022
ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage...
Moderate
Unreviewed
CVE-2018-9133
was published
May 13, 2022
The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability...
Moderate
Unreviewed
CVE-2017-11360
was published
May 13, 2022
In M3UParser::parse of M3UParser.cpp, there is a memory resource exhaustion due to a large loop...
Moderate
Unreviewed
CVE-2017-13279
was published
May 13, 2022
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to...
Moderate
Unreviewed
CVE-2017-2330
was published
May 13, 2022
An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to...
Moderate
Unreviewed
CVE-2018-18651
was published
May 13, 2022
libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has a large loop in the...
Moderate
Unreviewed
CVE-2018-5252
was published
May 13, 2022
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1...
Moderate
Unreviewed
CVE-2019-12973
was published
May 24, 2022
In the Accounts package, there is a possible crash due to improper input validation. This could...
Moderate
Unreviewed
CVE-2019-9376
was published
May 24, 2022
A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and...
Moderate
Unreviewed
CVE-2020-14303
was published
May 24, 2022
A user authorized to perform database queries may trigger denial of service by issuing specially...
Moderate
Unreviewed
CVE-2018-20805
was published
May 24, 2022
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU"...
Moderate
Unreviewed
CVE-2021-28950
was published
May 24, 2022
Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability....
Moderate
Unreviewed
CVE-2021-21565
was published
May 24, 2022
Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows...
Moderate
Unreviewed
CVE-2023-0411
was published
Jan 26, 2023
LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of...
Moderate
Unreviewed
CVE-2023-1993
was published
Apr 12, 2023
An issue was discovered in function get_gnu_verneed in rizinorg Rizin prior to 0.5.0...
Moderate
Unreviewed
CVE-2023-30226
was published
Jul 12, 2023
Issue summary: Checking excessively long DH keys or parameters may be very slow.
Impact summary:...
Moderate
Unreviewed
CVE-2023-3817
was published
Jul 31, 2023
Issue summary: Checking excessively long DSA keys or parameters may be very
slow.
Impact summary...
Moderate
Unreviewed
CVE-2024-4603
was published
May 16, 2024
In the Linux kernel, the following vulnerability has been resolved:
ionic: use...
Moderate
Unreviewed
CVE-2024-42071
was published
Jul 29, 2024
In the Linux kernel, the following vulnerability has been resolved:
firmware: cs_dsp: Validate...
Moderate
Unreviewed
CVE-2024-42237
was published
Aug 7, 2024
In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 (2024.4.1106),...
Moderate
Unreviewed
CVE-2024-8049
was published
Nov 13, 2024
ProTip!
Advisories are also available from the
GraphQL API