Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

617 advisories

Loading
** DISPUTED ** In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop... Moderate Unreviewed
CVE-2018-19826 was published May 13, 2022
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer... Moderate Unreviewed
CVE-2018-19108 was published May 13, 2022
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0... Moderate Unreviewed
CVE-2018-18915 was published May 13, 2022
Asciidoctor Infinite Loop vulnerability High
CVE-2018-18385 was published for asciidoctor (RubyGems) May 13, 2022
An issue has been found in dbf2txt through 2012-07-19. It is a infinite loop. Moderate Unreviewed
CVE-2018-17042 was published May 13, 2022
An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in... Moderate Unreviewed
CVE-2018-15856 was published May 13, 2022
In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a... Moderate Unreviewed
CVE-2018-14445 was published May 13, 2022
GNU Libextractor before 1.7 contains an infinite loop vulnerability in... Moderate Unreviewed
CVE-2018-14347 was published May 13, 2022
The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop. High Unreviewed
CVE-2018-14051 was published May 13, 2022
In Miniz 2.0.7, tinfl_decompress in miniz_tinfl.c has an infinite loop because sym2 and counter... High Unreviewed
CVE-2018-12913 was published May 13, 2022
An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk... Moderate Unreviewed
CVE-2018-12228 was published May 13, 2022
ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg and LoadGif. High Unreviewed
CVE-2018-11657 was published May 13, 2022
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted... High Unreviewed
CVE-2018-10938 was published May 13, 2022
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial... Moderate Unreviewed
CVE-2018-10981 was published May 13, 2022
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x... High Unreviewed
CVE-2018-10546 was published May 13, 2022
Loop with Unreachable Exit Condition in Jenkins Moderate
CVE-2018-1000864 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
RubyGems Infinite Loop vulnerability High
CVE-2018-1000075 was published for org.jruby:jruby-stdlib (RubyGems) May 13, 2022
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability ... Moderate Unreviewed
CVE-2017-9461 was published May 13, 2022
A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x... High Unreviewed
CVE-2017-9358 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite... High Unreviewed
CVE-2017-9352 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite... High Unreviewed
CVE-2017-9346 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This... High Unreviewed
CVE-2017-9349 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop... High Unreviewed
CVE-2017-9345 was published May 13, 2022
The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2... High Unreviewed
CVE-2017-9258 was published May 13, 2022
The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 ... High Unreviewed
CVE-2017-9222 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database