Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

486 advisories

Loading
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This... High Unreviewed
CVE-2017-9349 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop... High Unreviewed
CVE-2017-9345 was published May 13, 2022
The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2... High Unreviewed
CVE-2017-9258 was published May 13, 2022
The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 ... High Unreviewed
CVE-2017-9222 was published May 13, 2022
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion... Moderate Unreviewed
CVE-2017-9210 was published May 13, 2022
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion... Moderate Unreviewed
CVE-2017-9208 was published May 13, 2022
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion... Moderate Unreviewed
CVE-2017-9209 was published May 13, 2022
The lzw_add_to_dict function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.1 allows... Moderate Unreviewed
CVE-2017-9094 was published May 13, 2022
The my_skip_input_data_fn function in imagew-jpeg.c in libimageworsener.a in ImageWorsener 1.3.1... Moderate Unreviewed
CVE-2017-9093 was published May 13, 2022
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin... High Unreviewed
CVE-2017-9023 was published May 13, 2022
The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows... Moderate Unreviewed
CVE-2017-8054 was published May 13, 2022
PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted... Moderate Unreviewed
CVE-2017-8053 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop... High Unreviewed
CVE-2017-7748 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite... High Unreviewed
CVE-2017-7746 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite... High Unreviewed
CVE-2017-7745 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an... High Unreviewed
CVE-2017-7700 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop... High Unreviewed
CVE-2017-7701 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by... High Unreviewed
CVE-2017-7704 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an... High Unreviewed
CVE-2017-7705 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite... High Unreviewed
CVE-2017-7702 was published May 13, 2022
crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service ... High Unreviewed
CVE-2017-7618 was published May 13, 2022
In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in... High Unreviewed
CVE-2017-7619 was published May 13, 2022
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c... High Unreviewed
CVE-2017-7401 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop,... High Unreviewed
CVE-2017-6472 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by... High Unreviewed
CVE-2017-6470 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database