Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

198 advisories

Loading
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS). High Unreviewed
CVE-2022-23352 was published Mar 22, 2022
A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ... High Unreviewed
CVE-2022-21159 was published Apr 16, 2022
An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8... High Unreviewed
CVE-2017-2909 was published May 13, 2022
encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom... High Unreviewed
CVE-2021-27918 was published May 24, 2022
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software... High Unreviewed
CVE-2021-1252 was published May 24, 2022
An infinite loop in the function httpRpmPass of TP-Link TL-WR741N/TL-WR742N V1/V2/V3_130415... High Unreviewed
CVE-2022-32058 was published Jul 8, 2022
A CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability exists that could... High Unreviewed
CVE-2022-34760 was published Jul 14, 2022
Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker... High Unreviewed
CVE-2022-30634 was published Jul 16, 2022
In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite... High Unreviewed
CVE-2019-16319 was published May 24, 2022
In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an... High Unreviewed
CVE-2019-20421 was published May 24, 2022
lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8... High Unreviewed
CVE-2020-7046 was published May 24, 2022
Denial of service in modem due to infinite loop while parsing IGMPv2 packet from server in... High Unreviewed
CVE-2022-25742 was published Nov 15, 2022
Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6... High Unreviewed
CVE-2022-33239 was published Nov 15, 2022
The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Denial of Service... High Unreviewed
CVE-2019-18796 was published May 24, 2022
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an... High Unreviewed
CVE-2020-26575 was published May 24, 2022
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option... High Unreviewed
CVE-2020-24337 was published May 24, 2022
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack... High Unreviewed
CVE-2020-13986 was published May 24, 2022
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack... High Unreviewed
CVE-2020-13984 was published May 24, 2022
A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the... High Unreviewed
CVE-2020-36227 was published May 24, 2022
picoquic (before 3rd of July 2020) allows attackers to cause a denial of service (infinite loop)... High Unreviewed
CVE-2020-24944 was published May 24, 2022
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP POST request sent to the... High Unreviewed
CVE-2020-28095 was published May 24, 2022
On BIG-IP version 16.0.x before 16.0.1.1 and 15.1.x before 15.1.3, malformed HTTP/2 requests may... High Unreviewed
CVE-2021-23009 was published May 24, 2022
Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via... High Unreviewed
CVE-2021-22222 was published May 24, 2022
An issue was discovered in the CentralAuth extension in MediaWiki through 1.36. The Special... High Unreviewed
CVE-2021-36125 was published May 24, 2022
In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all... High Unreviewed
CVE-2022-34862 was published Aug 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database