Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,866
Erlang
36
GitHub Actions
36
Go
2,491
Maven
5,000+
npm
4,114
NuGet
735
pip
3,934
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

617 advisories

Loading
Infinite Loop in Apache Tomcat High
CVE-2020-13935 was published for org.apache.tomcat:tomcat (Maven) Feb 8, 2022
sunSUNQ
BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of... High Unreviewed
CVE-2023-4511 was published Aug 24, 2023
Comparison errorr in org.apache.tika:tika-core Moderate
CVE-2018-8017 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
MarkLee131
Apache Commons Compress vulnerable to denial of service due to infinite loop Moderate
CVE-2018-1324 was published for com.liferay:com.liferay.portal.tools.bundle.support (Maven) Mar 14, 2019
wtwhite MarkLee131
In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder High
CVE-2018-1336 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application... High Unreviewed
CVE-2023-20020 was published Jan 20, 2023
A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV... High Unreviewed
CVE-2023-20197 was published Aug 17, 2023
MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop... Moderate Unreviewed
CVE-2023-50120 was published Jan 10, 2024
A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco... High Unreviewed
CVE-2023-20083 was published Nov 1, 2023
A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software... Moderate Unreviewed
CVE-2023-20200 was published Aug 23, 2023
A user authorized to perform database queries may trigger denial of service by issuing specially... Moderate Unreviewed
CVE-2018-20803 was published May 24, 2022
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that... High Unreviewed
CVE-2023-43511 was published Jan 2, 2024
IPAddress Infinite Loop vulnerability (Disputed) Moderate
CVE-2023-50570 was published for com.github.seancfoley:ipaddress (Maven) Dec 29, 2023 withdrawn
mike-jumper
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via... High Unreviewed
CVE-2021-42260 was published May 24, 2022
hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function High
CVE-2023-51075 was published for cn.hutool:hutool-core (Maven) Dec 27, 2023
Possible Infinite Loop when PdfWriter(clone_from) is used with a PDF Moderate
CVE-2023-46250 was published for pypdf (pip) Oct 31, 2023
Alexhuszagh
ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of... High Unreviewed
CVE-2023-50981 was published Dec 27, 2023
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird... Moderate Unreviewed
CVE-2006-6499 was published May 1, 2022
Loop with Unreachable Exit Condition in Jenkins Moderate
CVE-2018-1000864 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Infinite Loop in Jenkins Core Moderate
CVE-2018-1999044 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Candid infinite decoding loop through specially crafted payload High
CVE-2023-6245 was published for candid (Rust) Dec 8, 2023
venkkatesh-sekar chenyan-dfinity
Cosign vulnerable to possible endless data attack from attacker-controlled registry Low
CVE-2023-46737 was published for github.com/sigstore/cosign (Go) Nov 8, 2023
AdamKorcz pdeslaur
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Sierra Wireless, Inc... High Unreviewed
CVE-2023-40458 was published Nov 30, 2023
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35141 was published for ryu (pip) Aug 11, 2023
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35139 was published for ryu (pip) Aug 11, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database