Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

302 advisories

Loading
A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where... High Unreviewed
CVE-2022-28884 was published Sep 7, 2022
Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming... High Unreviewed
CVE-2022-33238 was published Dec 13, 2022
Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME... High Unreviewed
CVE-2022-48256 was published Jan 13, 2023
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service ... High Unreviewed
CVE-2009-1270 was published May 2, 2022
Infinite Loop in Apache Sanselan High
CVE-2018-17202 was published for org.apache.sanselan:sanselan (Maven) May 14, 2019
The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause... High Unreviewed
CVE-2016-5042 was published May 13, 2022
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter... High Unreviewed
CVE-2022-34661 was published Aug 11, 2022
The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0... High Unreviewed
CVE-2013-2789 was published May 13, 2022
An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class... High Unreviewed
CVE-2018-18070 was published May 13, 2022
An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18... High Unreviewed
CVE-2018-5813 was published May 13, 2022
LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop... High Unreviewed
CVE-2018-20021 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop... High Unreviewed
CVE-2018-7421 was published May 13, 2022
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the... High Unreviewed
CVE-2017-18271 was published May 13, 2022
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the... High Unreviewed
CVE-2017-18273 was published May 13, 2022
XStream can cause a Denial of Service. High
CVE-2021-21341 was published for com.thoughtworks.xstream:xstream (Maven) Mar 22, 2021
Infinite loop in Yubico yubihsm-connector High
CVE-2021-28484 was published for github.com/Yubico/yubihsm-connector (Go) Feb 15, 2022
libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing... High Unreviewed
CVE-2018-16789 was published May 13, 2022
Infinite loop in Apache CFX High
CVE-2021-30468 was published for org.apache.cxf:apache-cxf (Maven) Jan 6, 2022
An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions... High Unreviewed
CVE-2018-5818 was published May 13, 2022
In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan... High Unreviewed
CVE-2019-10900 was published May 13, 2022
In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed... High Unreviewed
CVE-2019-10897 was published May 13, 2022
In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan... High Unreviewed
CVE-2019-10898 was published May 13, 2022
An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP... High Unreviewed
CVE-2021-20041 was published Dec 9, 2021
In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS (Multicast DNS) packet triggers an... High Unreviewed
CVE-2019-9747 was published May 13, 2022
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite... High Unreviewed
CVE-2018-19622 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database