Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

617 advisories

Loading
ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of... High Unreviewed
CVE-2023-50981 was published Dec 27, 2023
Possible Infinite Loop when PdfWriter(clone_from) is used with a PDF Moderate
CVE-2023-46250 was published for pypdf (pip) Oct 31, 2023
Alexhuszagh
hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function High
CVE-2023-51075 was published for cn.hutool:hutool-core (Maven) Dec 27, 2023
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via... High Unreviewed
CVE-2021-42260 was published May 24, 2022
IPAddress Infinite Loop vulnerability (Disputed) Moderate
CVE-2023-50570 was published for com.github.seancfoley:ipaddress (Maven) Dec 29, 2023 withdrawn
mike-jumper
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that... High Unreviewed
CVE-2023-43511 was published Jan 2, 2024
A user authorized to perform database queries may trigger denial of service by issuing specially... Moderate Unreviewed
CVE-2018-20803 was published May 24, 2022
A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software... Moderate Unreviewed
CVE-2023-20200 was published Aug 23, 2023
A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco... High Unreviewed
CVE-2023-20083 was published Nov 1, 2023
MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop... Moderate Unreviewed
CVE-2023-50120 was published Jan 10, 2024
A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV... High Unreviewed
CVE-2023-20197 was published Aug 17, 2023
A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application... High Unreviewed
CVE-2023-20020 was published Jan 20, 2023
In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder High
CVE-2018-1336 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
Apache Commons Compress vulnerable to denial of service due to infinite loop Moderate
CVE-2018-1324 was published for com.liferay:com.liferay.portal.tools.bundle.support (Maven) Mar 14, 2019
wtwhite MarkLee131
Comparison errorr in org.apache.tika:tika-core Moderate
CVE-2018-8017 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
MarkLee131
BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of... High Unreviewed
CVE-2023-4511 was published Aug 24, 2023
Infinite Loop in Apache Tomcat High
CVE-2020-13935 was published for org.apache.tomcat:tomcat (Maven) Feb 8, 2022
sunSUNQ
** DISPUTED ** The deserialize function in serialize-to-js through 1.1.1 allows attackers to... High Unreviewed
CVE-2017-15871 was published May 13, 2022
An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an... Moderate Unreviewed
CVE-2023-47997 was published Jan 10, 2024
Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy. High Unreviewed
CVE-2019-25040 was published May 24, 2022
** DISPUTED ** Trustwave ModSecurity 3.x through 3.0.4 allows denial of service via a special... High Unreviewed
CVE-2020-15598 was published May 24, 2022
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial... Moderate Unreviewed
CVE-2010-0207 was published Apr 21, 2022
imagemagick 6.8.9.6 has remote DOS via infinite loop Moderate Unreviewed
CVE-2014-8561 was published May 17, 2022
mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does... Moderate Unreviewed
CVE-2019-1010189 was published May 24, 2022
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service... High Unreviewed
CVE-2019-18217 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database