GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
486 advisories
A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device...
Moderate
Unreviewed
CVE-2021-20255 was published May 24, 2022
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing...
Moderate
Unreviewed
CVE-2020-27618 was published May 24, 2022
Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a denial of service. An...
Moderate
Unreviewed
CVE-2020-9307 was published May 24, 2022
In OpenWrt 19.07.x before 19.07.7, when IPv6 is used, a routing loop can occur that generates...
Moderate
Unreviewed
CVE-2021-22161 was published May 24, 2022
picoquic (before 3rd of July 2020) allows attackers to cause a denial of service (infinite loop)...
High
Unreviewed
CVE-2020-24944 was published May 24, 2022
A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the...
High
Unreviewed
CVE-2020-36227 was published May 24, 2022
In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address (VGA) is configured...
Moderate
Unreviewed
CVE-2021-0221 was published May 24, 2022
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP POST request sent to the...
High
Unreviewed
CVE-2020-28095 was published May 24, 2022
GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw...
Moderate
Unreviewed
CVE-2020-29385 was published May 24, 2022
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option...
High
Unreviewed
CVE-2020-24337 was published May 24, 2022
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack...
High
Unreviewed
CVE-2020-13984 was published May 24, 2022
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack...
High
Unreviewed
CVE-2020-13986 was published May 24, 2022
hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer...
Moderate
Unreviewed
CVE-2020-28916 was published May 24, 2022
A user authorized to perform database queries may trigger denial of service by issuing specially...
Moderate
Unreviewed
CVE-2018-20803 was published May 24, 2022
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among...
Moderate
Unreviewed
CVE-2020-16127 was published May 24, 2022
An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel...
Moderate
Unreviewed
CVE-2020-27152 was published May 24, 2022
The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Denial of Service...
High
Unreviewed
CVE-2019-18796 was published May 24, 2022
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an...
High
Unreviewed
CVE-2020-26575 was published May 24, 2022
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A...
Moderate
Unreviewed
CVE-2020-25641 was published May 24, 2022
** DISPUTED ** Trustwave ModSecurity 3.x through 3.0.4 allows denial of service via a special...
High
Unreviewed
CVE-2020-15598 was published May 24, 2022
hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.
Moderate
Unreviewed
CVE-2020-25625 was published May 24, 2022
In Threshold::getHistogram of ImageProcessHelper.java, there is a possible crash loop due to an...
Moderate
Unreviewed
CVE-2020-0247 was published May 24, 2022
When in an endless loop, a website specifying a custom cursor using CSS could make it look like...
Moderate
Unreviewed
CVE-2020-15654 was published May 24, 2022
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to...
Moderate
Unreviewed
CVE-2019-20907 was published May 24, 2022
In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was...
Moderate
Unreviewed
CVE-2020-15466 was published May 24, 2022