Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,651
Maven
5,000+
npm
4,279
NuGet
760
pip
4,066
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

85 advisories

Loading
Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow... Moderate Unreviewed
CVE-2022-0585 was published Feb 19, 2022
Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet... High Unreviewed
CVE-2021-4190 was published Dec 31, 2021
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Validate... Moderate Unreviewed
CVE-2024-42237 was published Aug 7, 2024
LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of... Moderate Unreviewed
CVE-2023-1993 was published Apr 12, 2023
Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows... Moderate Unreviewed
CVE-2023-0411 was published Jan 26, 2023
pypdf possibly loops infinitely when reading DCT inline images without EOF marker Moderate
CVE-2025-62707 was published for pypdf (pip) Oct 22, 2025
tylzh97 stefan6419846
Credited to tylzh97 and stefan6419846
Finance.js vulnerable to DoS via the IRR function’s depth parameter High
CVE-2025-56571 was published for financejs (npm) Sep 30, 2025
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders... High Unreviewed
CVE-2017-17914 was published May 13, 2022
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an... High Unreviewed
CVE-2017-14174 was published May 13, 2022
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of... High Unreviewed
CVE-2017-14175 was published May 13, 2022
In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of... High Unreviewed
CVE-2017-14172 was published May 13, 2022
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex... High Unreviewed
CVE-2017-13776 was published May 13, 2022
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex... High Unreviewed
CVE-2017-13777 was published May 13, 2022
ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c. High Unreviewed
CVE-2017-12587 was published May 13, 2022
In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in... High Unreviewed
CVE-2017-12674 was published May 13, 2022
In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was... High Unreviewed
CVE-2017-11409 was published May 13, 2022
In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a... High Unreviewed
CVE-2024-4227 was published Jan 15, 2025
In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 (2024.4.1106),... Moderate Unreviewed
CVE-2024-8049 was published Nov 13, 2024
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary... Moderate Unreviewed
CVE-2024-4603 was published May 16, 2024
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:... Moderate Unreviewed
CVE-2023-3817 was published Jul 31, 2023
Liferay Portal denial-of-service vulnerability Moderate
CVE-2024-25144 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 8, 2024
In the Linux kernel, the following vulnerability has been resolved: bpf: Add schedule points in... Low Unreviewed
CVE-2022-48939 was published Aug 22, 2024
In the Linux kernel, the following vulnerability has been resolved: ionic: use... Moderate Unreviewed
CVE-2024-42071 was published Jul 29, 2024
Golang TIFF decoder vulnerable to excessive CPU consumption Moderate
CVE-2023-29407 was published for golang.org/x/image (Go) Aug 2, 2023
In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server... High Unreviewed
CVE-2023-5632 was published Oct 18, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database