Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

198 advisories

Loading
An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP... High Unreviewed
CVE-2021-20041 was published Dec 9, 2021
An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function. High Unreviewed
CVE-2021-45257 was published Dec 23, 2021
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of... High Unreviewed
CVE-2021-4185 was published Dec 31, 2021
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows... High Unreviewed
CVE-2021-4184 was published Dec 31, 2021
Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service... High Unreviewed
CVE-2021-4182 was published Dec 31, 2021
Unisys ClearPath MCP TCP/IP Networking Services 59.1, 60.0, and 62.0 has an Infinite Loop. High Unreviewed
CVE-2021-45445 was published Jan 13, 2022
Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers... High Unreviewed
CVE-2022-23968 was published Jan 27, 2022
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply... High Unreviewed
CVE-2022-23098 was published Feb 10, 2022
Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows... High Unreviewed
CVE-2022-0586 was published Feb 15, 2022
A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header.... High Unreviewed
CVE-2022-0711 was published Mar 3, 2022
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS). High Unreviewed
CVE-2022-23352 was published Mar 22, 2022
A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ... High Unreviewed
CVE-2022-21159 was published Apr 16, 2022
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service ... High Unreviewed
CVE-2009-1270 was published May 2, 2022
An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8... High Unreviewed
CVE-2017-2909 was published May 13, 2022
The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause... High Unreviewed
CVE-2016-5042 was published May 13, 2022
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC... High Unreviewed
CVE-2017-15908 was published May 13, 2022
The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0... High Unreviewed
CVE-2013-2789 was published May 13, 2022
An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class... High Unreviewed
CVE-2018-18070 was published May 13, 2022
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to... High Unreviewed
CVE-2017-13728 was published May 13, 2022
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote... High Unreviewed
CVE-2017-16944 was published May 13, 2022
An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18... High Unreviewed
CVE-2018-5813 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop... High Unreviewed
CVE-2018-7421 was published May 13, 2022
LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop... High Unreviewed
CVE-2018-20021 was published May 13, 2022
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in... High Unreviewed
CVE-2019-3833 was published May 13, 2022
The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause... High Unreviewed
CVE-2017-9122 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database