Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

175 advisories

Loading
An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37... Moderate Unreviewed
CVE-2022-28201 was published Sep 20, 2022
Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV. Moderate Unreviewed
CVE-2022-3222 was published Sep 16, 2022
XPDF v4.04 was discovered to contain a stack overflow via the function Catalog::countPageTree()... Moderate Unreviewed
CVE-2022-38334 was published Sep 16, 2022
A vulnerability has been found in Nintendo Game Boy Color and classified as problematic. This... High Unreviewed
CVE-2022-3216 was published Sep 15, 2022
A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial... Moderate Unreviewed
CVE-2021-3997 was published Aug 24, 2022
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of... High Unreviewed
CVE-2022-23460 was published Aug 20, 2022
Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed
CVE-2022-30633 was published Aug 11, 2022
Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows... High Unreviewed
CVE-2022-30635 was published Aug 11, 2022
Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed
CVE-2022-30632 was published Aug 11, 2022
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed
CVE-2022-30631 was published Aug 11, 2022
Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to... High Unreviewed
CVE-2022-30630 was published Aug 11, 2022
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed
CVE-2022-28131 was published Aug 11, 2022
Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow... Moderate Unreviewed
CVE-2022-1962 was published Aug 11, 2022
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for... Moderate Unreviewed
CVE-2019-18854 was published May 24, 2022
In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could... High Unreviewed
CVE-2019-12295 was published May 24, 2022
When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp... Moderate Unreviewed
CVE-2019-12213 was published May 24, 2022
Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3... High Unreviewed
CVE-2021-39929 was published May 24, 2022
Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform... Moderate Unreviewed
CVE-2021-43519 was published May 24, 2022
A component of the HarmonyOS has a External Control of System or Configuration Setting... Moderate Unreviewed
CVE-2021-22454 was published May 24, 2022
A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call... Moderate Unreviewed
CVE-2021-39257 was published May 24, 2022
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers... Moderate Unreviewed
CVE-2020-18898 was published May 24, 2022
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption... High Unreviewed
CVE-2021-38569 was published May 24, 2022
uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter... High Unreviewed
CVE-2021-36773 was published May 24, 2022
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an stack exhaustion vulnerability in the ... Moderate Unreviewed
CVE-2020-20213 was published May 24, 2022
An unlimited recursion in DxeCore in EDK II. High Unreviewed
CVE-2021-28210 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database