GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
617 advisories
phpseclib Infinite Loop vulnerability
High
CVE-2023-27560 was published for phpseclib/phpseclib (Composer)
Mar 3, 2023
Improper calculations in ECC implementation can trigger a Denial-of-Service (DoS)
High
CVE-2023-25653 was published for node-jose (npm)
Feb 16, 2023
Denial of service in modem due to missing null check while processing IP packets with padding
High
Unreviewed
CVE-2022-25734 was published
Feb 12, 2023
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the...
High
Unreviewed
CVE-2022-46285 was published
Feb 7, 2023
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some...
High
Unreviewed
CVE-2022-44617 was published
Feb 7, 2023
DoS vulnerability in MaliciousCode filter
Moderate
CVE-2023-23617 was published for openmage/magento-lts (Composer)
Jan 27, 2023
When a file is processed, an infinite loop occurs in next_inline() of the more_curly() function.
High
Unreviewed
CVE-2021-33642 was published
Jan 20, 2023
A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application...
High
Unreviewed
CVE-2023-20020 was published
Jan 20, 2023
Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME...
High
Unreviewed
CVE-2022-48256 was published
Jan 13, 2023
Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1...
Moderate
Unreviewed
CVE-2022-4345 was published
Jan 12, 2023
socks Infinite Loop vulnerability
High
CVE-2013-10005 was published for github.com/btcsuite/go-socks (Go)
Dec 28, 2022
Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming...
High
Unreviewed
CVE-2022-33238 was published
Dec 13, 2022
In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an...
Moderate
Unreviewed
CVE-2022-20476 was published
Dec 13, 2022
linux-loader reading beyond EOF could lead to infinite loop
Low
CVE-2022-23523 was published for linux-loader (Rust)
Dec 12, 2022
qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users...
High
Unreviewed
CVE-2022-46770 was published
Dec 7, 2022
A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the...
Moderate
Unreviewed
CVE-2022-4104 was published
Nov 28, 2022
Denial of service in modem due to infinite loop while parsing IGMPv2 packet from server in...
High
Unreviewed
CVE-2022-25742 was published
Nov 15, 2022
Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6...
High
Unreviewed
CVE-2022-33239 was published
Nov 15, 2022
An external attacker is able to send a specially crafted email (with many recipients) and trigger...
Moderate
Unreviewed
CVE-2022-39052 was published
Oct 17, 2022
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19...
Moderate
Unreviewed
CVE-2022-42721 was published
Oct 14, 2022
kamadak-exif vulnerable to Infinite loop when parsing PNG files
Moderate
CVE-2021-21235 was published for kamadak-exif (Rust)
Oct 6, 2022
Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other...
Moderate
Unreviewed
CVE-2014-0148 was published
Sep 30, 2022
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively...
Moderate
Unreviewed
CVE-2022-31628 was published
Sep 29, 2022
A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where...
Moderate
Unreviewed
CVE-2022-28886 was published
Sep 25, 2022
Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0...
Moderate
Unreviewed
CVE-2022-3190 was published
Sep 14, 2022