GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
295 advisories
The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print...
High, Unreviewed: CVE-2017-12990 was published May 13, 2022

ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified...
High, Unreviewed: CVE-2017-12412 was published May 13, 2022

In ihevcd_decode.c there is a possible infinite loop due to bytes for an sps of unsupported...
High, Unreviewed: CVE-2017-13193 was published May 13, 2022

The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c...
High, Unreviewed: CVE-2017-12997 was published May 13, 2022

The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain...
High, Unreviewed: CVE-2017-12995 was published May 13, 2022

The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1...
High, Unreviewed: CVE-2017-11523 was published May 13, 2022

An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()...
High, Unreviewed: CVE-2017-10986 was published May 13, 2022

The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0...
High, Unreviewed: CVE-2017-11478 was published May 13, 2022

The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop...
High, Unreviewed: CVE-2017-11446 was published May 13, 2022

An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion...
High, Unreviewed: CVE-2017-10985 was published May 13, 2022

libjpeg commit 281daa9 was discovered to contain an infinite loop via the component Frame:...
High, Unreviewed: CVE-2022-37768 was published Aug 19, 2022

An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2. With the port to...
High, Unreviewed: CVE-2018-14621 was published May 13, 2022

The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in...
High, Unreviewed: CVE-2018-5381 was published May 13, 2022

A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions...
High, Unreviewed: CVE-2018-1041 was published May 13, 2022

sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop.
High, Unreviewed: CVE-2018-11365 was published May 13, 2022

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector...
High, Unreviewed: CVE-2018-14368 was published May 13, 2022

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite...
High, Unreviewed: CVE-2018-19622 was published May 13, 2022

In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS (Multicast DNS) packet triggers an...
High, Unreviewed: CVE-2019-9747 was published May 13, 2022

An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP...
High, Unreviewed: CVE-2021-20041 was published Dec 9, 2021

In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan...
High, Unreviewed: CVE-2019-10898 was published May 13, 2022

In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed...
High, Unreviewed: CVE-2019-10897 was published May 13, 2022

In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan...
High, Unreviewed: CVE-2019-10900 was published May 13, 2022

An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions...
High, Unreviewed: CVE-2018-5818 was published May 13, 2022

Infinite loop in Apache CFX
High: CVE-2021-30468 was published for org.apache.cxf:apache-cxf (Maven) Jan 6, 2022