Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

270 advisories

Loading
An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2. With the port to... High Unreviewed
CVE-2018-14621 was published May 13, 2022
An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()... High Unreviewed
CVE-2017-10986 was published May 13, 2022
An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion... High Unreviewed
CVE-2017-10985 was published May 13, 2022
The ExifImageFile::readImage function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote... High Unreviewed
CVE-2017-11118 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite... High Unreviewed
CVE-2017-11406 was published May 13, 2022
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0... High Unreviewed
CVE-2017-11478 was published May 13, 2022
The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop... High Unreviewed
CVE-2017-11446 was published May 13, 2022
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1... High Unreviewed
CVE-2017-11523 was published May 13, 2022
ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified... High Unreviewed
CVE-2017-12412 was published May 13, 2022
Numpy missing input validation High
CVE-2017-12852 was published for numpy (pip) May 13, 2022
jhutchings1
The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print... High Unreviewed
CVE-2017-12990 was published May 13, 2022
The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c... High Unreviewed
CVE-2017-12989 was published May 13, 2022
The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c... High Unreviewed
CVE-2017-12997 was published May 13, 2022
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain... High Unreviewed
CVE-2017-12995 was published May 13, 2022
In the ihevcd_parse_slice_header function of ihevcd_parse_slice_header.c a slice address of zero... High Unreviewed
CVE-2017-13192 was published May 13, 2022
In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several parameter values could be... High Unreviewed
CVE-2017-13195 was published May 13, 2022
In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete... High Unreviewed
CVE-2017-13191 was published May 13, 2022
In ihevcd_decode.c there is a possible infinite loop due to bytes for an sps of unsupported... High Unreviewed
CVE-2017-13193 was published May 13, 2022
There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It... High Unreviewed
CVE-2017-14229 was published May 13, 2022
The DNS packet parser in YADIFA before 2.2.6 does not check for the presence of infinite pointer... High Unreviewed
CVE-2017-14339 was published May 13, 2022
In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after... High Unreviewed
CVE-2017-14519 was published May 13, 2022
In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a... High Unreviewed
CVE-2017-14929 was published May 13, 2022
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the... High Unreviewed
CVE-2017-15602 was published May 13, 2022
It was discovered that a programming error in the processing of HTTPS requests in the Apache... High Unreviewed
CVE-2017-6056 was published May 13, 2022
In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an... High Unreviewed
CVE-2017-6014 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database