Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

175 advisories

Loading
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types... Moderate Unreviewed
CVE-2019-19645 was published May 24, 2022
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because... Moderate Unreviewed
CVE-2019-18853 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart... High Unreviewed
CVE-2018-4002 was published May 24, 2022
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as... Moderate Unreviewed
CVE-2019-17450 was published May 24, 2022
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print()... High Unreviewed
CVE-2018-16300 was published May 24, 2022
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. High Unreviewed
CVE-2018-16452 was published May 24, 2022
Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions... High Unreviewed
CVE-2019-13124 was published May 24, 2022
Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions... High Unreviewed
CVE-2019-13123 was published May 24, 2022
In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE... Moderate Unreviewed
CVE-2019-11779 was published May 24, 2022
Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. Moderate Unreviewed
CVE-2019-16163 was published May 24, 2022
In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers... Moderate Unreviewed
CVE-2019-15144 was published May 24, 2022
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion,... Moderate Unreviewed
CVE-2019-15118 was published May 24, 2022
Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By... Moderate Unreviewed
CVE-2019-13955 was published May 24, 2022
yaml-rust 0.4.0 and earlier is affected by: Uncontrolled Recursion. The impact is: Denial of... Moderate Unreviewed
CVE-2019-1010182 was published May 24, 2022
serde serde_yaml 0.6.0 to 0.8.3 is affected by: Uncontrolled Recursion. The impact is: Denial of... Moderate Unreviewed
CVE-2019-1010183 was published May 24, 2022
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service ... Moderate Unreviewed
CVE-2018-20821 was published May 24, 2022
LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass:... Moderate Unreviewed
CVE-2018-20822 was published May 24, 2022
An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match... High Unreviewed
CVE-2019-11413 was published May 24, 2022
compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of... Moderate Unreviewed
CVE-2022-30974 was published May 19, 2022
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Moderate Unreviewed
CVE-2022-1771 was published May 19, 2022
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery... High Unreviewed
CVE-2016-3627 was published May 14, 2022
libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name... High Unreviewed
CVE-2018-9918 was published May 13, 2022
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30.... Moderate Unreviewed
CVE-2018-9996 was published May 13, 2022
pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream... Moderate Unreviewed
CVE-2018-6544 was published May 13, 2022
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image... Moderate Unreviewed
CVE-2018-5772 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database