GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
101 advisories
Filter by severity
Moodle vulnerable to Uncontrolled Resource Consumption
High
CVE-2021-36395
was published
for
moodle/moodle
(Composer)
Mar 6, 2023
Jettison vulnerable to infinite recursion
High
CVE-2023-1436
was published
for
org.codehaus.jettison:jettison
(Maven)
Mar 22, 2023
In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion...
High
Unreviewed
CVE-2017-11164
was published
May 13, 2022
Uncontrolled recursion in rust-yaml
High
CVE-2018-20993
was published
for
yaml-rust
(Rust)
Aug 25, 2021
Uncontrolled recursion in trust-dns-proto
High
CVE-2018-20994
was published
for
trust-dns-proto
(Rust)
Aug 25, 2021
XStream can cause Denial of Service via stack overflow
High
CVE-2022-41966
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Dec 29, 2022
A vulnerability has been found in Nintendo Game Boy Color and classified as problematic. This...
High
Unreviewed
CVE-2022-3216
was published
Sep 15, 2022
Vapor vulnerable to denial of service in URLEncodedFormDecoder
High
CVE-2022-31019
was published
for
github.com/vapor/vapor
(Swift)
Jun 7, 2023
Routinator infinite loop vulnerability
High
CVE-2021-43172
was published
for
routinator
(Rust)
May 24, 2022
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of...
High
Unreviewed
CVE-2022-23460
was published
Aug 20, 2022
Jettison memory exhaustion
High
CVE-2022-40150
was published
for
org.codehaus.jettison:jettison
(Maven)
Sep 17, 2022
Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager,...
High
Unreviewed
CVE-2022-28773
was published
Apr 13, 2022
Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow
High
CVE-2022-31173
was published
for
juniper
(Rust)
Jul 29, 2022
A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO...
High
Unreviewed
CVE-2023-24472
was published
Mar 30, 2023
graphql-go has infinite recursion in the type definition parser
High
CVE-2022-37315
was published
for
github.com/graphql-go/graphql
(Go)
Aug 2, 2022
Uncontrolled Recursion in Loofah
High
CVE-2022-23516
was published
for
loofah
(RubyGems)
Dec 13, 2022
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause...
High
Unreviewed
CVE-2020-23804
was published
Aug 22, 2023
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU...
High
Unreviewed
CVE-2022-47374
was published
Dec 12, 2023
Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or...
High
Unreviewed
CVE-2024-0210
was published
Jan 3, 2024
msgpackr's conversion of property names to strings can trigger infinite recursion
High
CVE-2023-52079
was published
for
msgpackr
(npm)
Dec 28, 2023
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery...
High
Unreviewed
CVE-2016-3627
was published
May 14, 2022
orjson does not limit recursion for deeply nested JSON documents
High
CVE-2024-27454
was published
for
orjson
(pip)
Feb 26, 2024
A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and...
High
Unreviewed
CVE-2024-20311
was published
Mar 27, 2024
** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29,...
High
Unreviewed
CVE-2019-9192
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API