Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,866
Erlang
36
GitHub Actions
36
Go
2,491
Maven
5,000+
npm
4,109
NuGet
735
pip
3,933
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

217 advisories

Loading
This vulnerability allows any attacker to cause the PeerTube server to stop responding to... High Unreviewed
CVE-2025-32947 was published Apr 15, 2025
An issue was discovered in the demo/LINUXTCP implementation of cwalter-at freemodbus v.2018-09-12... High Unreviewed
CVE-2025-51986 was published Aug 14, 2025
A vulnerability in the IKEv2 feature of Cisco IOS Software, IOS XE Software, Secure Firewall ASA... High Unreviewed
CVE-2025-20253 was published Aug 14, 2025
A vulnerability in the packet inspection functionality of the Snort 3 Detection Engine of Cisco... High Unreviewed
CVE-2025-20217 was published Aug 14, 2025
A vulnerability in the function that performs IPv4 and IPv6 Network Address Translation (NAT) DNS... High Unreviewed
CVE-2025-20136 was published Aug 14, 2025
A vulnerability in the management and VPN web servers of Cisco Secure Firewall ASA Software and... High Unreviewed
CVE-2025-20243 was published Aug 14, 2025
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry... High Unreviewed
CVE-2025-8194 was published Jul 28, 2025
Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted... High Unreviewed
CVE-2025-5399 was published Jun 7, 2025
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2024-20353 was published Apr 24, 2024
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP POST request sent to the... High Unreviewed
CVE-2020-28095 was published May 24, 2022
An infinite loop issue discovered in Mathtex 1.05 and before allows a remote attackers to consume... High Unreviewed
CVE-2023-51890 was published Jan 24, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.10.8, 17... High Unreviewed
CVE-2025-0673 was published Jun 12, 2025
tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c. High Unreviewed
CVE-2024-22654 was published May 29, 2025
qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users... High Unreviewed
CVE-2022-46770 was published Dec 7, 2022
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function... High Unreviewed
CVE-2017-17681 was published May 13, 2022
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote... High Unreviewed
CVE-2017-16944 was published May 13, 2022
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC... High Unreviewed
CVE-2017-15908 was published May 13, 2022
The DNS packet parser in YADIFA before 2.2.6 does not check for the presence of infinite pointer... High Unreviewed
CVE-2017-14339 was published May 13, 2022
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to... High Unreviewed
CVE-2017-13728 was published May 13, 2022
The ExifImageFile::readImage function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote... High Unreviewed
CVE-2017-11118 was published May 13, 2022
The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2... High Unreviewed
CVE-2017-9258 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite... High Unreviewed
CVE-2017-11406 was published May 13, 2022
The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause... High Unreviewed
CVE-2017-9122 was published May 13, 2022
The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote... High Unreviewed
CVE-2017-8871 was published May 13, 2022
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin... High Unreviewed
CVE-2017-9023 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database