Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,726
Maven
5,000+
npm
4,331
NuGet
763
pip
4,107
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

302 advisories

Loading
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are... High Unreviewed
CVE-2023-3748 was published Jul 24, 2023
Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote... High Unreviewed
CVE-2023-30188 was published Aug 14, 2023
Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file... High Unreviewed
CVE-2023-42524 was published Sep 18, 2023
Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file... High Unreviewed
CVE-2023-42525 was published Sep 18, 2023
Certain WithSecure products allow Denial of Service (infinite loop). This affects WithSecure... High Unreviewed
CVE-2023-43761 was published Sep 22, 2023
An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper... High Unreviewed
CVE-2023-44181 was published Oct 13, 2023
libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be... High Unreviewed
CVE-2022-27781 was published Jun 3, 2022
Ryu Infinite Loop vulnerability High
CVE-2024-28732 was published for ryu (pip) Apr 8, 2024
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6... High Unreviewed
CVE-2023-38197 was published Jul 13, 2023
Undertow denial of service vulnerability High
CVE-2023-1108 was published for io.undertow:undertow-core (Maven) Sep 14, 2023
marcospds bvahdat
Credited to marcospds and bvahdat
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and... High Unreviewed
CVE-2019-3900 was published May 24, 2022
x/net/html Vulnerable to DoS During HTML Parsing High
CVE-2018-17846 was published for golang.org/x/net (Go) Sep 25, 2023
Infinite Loop in jsonparser High
CVE-2020-10675 was published for github.com/buger/jsonparser (Go) May 18, 2021
golang.org/x/net/html Infinite Loop vulnerability High
CVE-2021-33194 was published for golang.org/x/net (Go) May 24, 2022
Denial of Service Vulnerability in Rustls Library High
CVE-2024-32650 was published for rustls (Rust) Apr 19, 2024
Taowyoo arai-fortanix
jjfiv s-arash
Credited to Taowyoo, arai-fortanix, jjfiv, and s-arash
github.com/ulikunitz/xz fixes readUvarint Denial of Service (DoS) High
CVE-2021-29482 was published for github.com/ulikunitz/xz (Go) May 25, 2021
0xdecaf
Credited to 0xdecaf
openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates High
CVE-2022-0778 was published for openssl-src (Rust) Mar 16, 2022
rajivshah3 michaelkedar
Credited to rajivshah3 and michaelkedar
An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When... High Unreviewed
CVE-2023-34966 was published Jul 20, 2023
Ryu Infinite Loop vulnerability High
CVE-2024-34488 was published for ryu (pip) May 5, 2024
Ryu Infinite Loop vulnerability High
CVE-2024-34489 was published for ryu (pip) May 5, 2024
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that... High Unreviewed
CVE-2024-1931 was published Mar 7, 2024
go-chart v2.1.1 was discovered to contain an infinite loop via the drawCanvas() function. High Unreviewed
CVE-2024-40060 was published Jul 23, 2024
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when... High Unreviewed
CVE-2024-36732 was published Jun 6, 2024
Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA. High Unreviewed
CVE-2024-23352 was published Aug 5, 2024
Certain WithSecure products allow a Denial of Service because the engine scanner can go into an... High Unreviewed
CVE-2024-27359 was published Feb 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database