GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,409

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

156 advisories

Filter by severity

Sort by

Least recently updated

A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed... High Unreviewed

CVE-2021-3530 was published May 24, 2022

Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an stack exhaustion vulnerability in the ... Moderate Unreviewed

CVE-2020-20213 was published May 24, 2022

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device... Moderate Unreviewed

CVE-2021-20255 was published May 24, 2022

uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter... High Unreviewed

CVE-2021-36773 was published May 24, 2022

Stack overflow vulnerability in parse_array Cesanta MJS 1.20.1, allows remote attackers to cause... Moderate Unreviewed

CVE-2020-18392 was published May 24, 2022

A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call... Moderate Unreviewed

CVE-2021-39257 was published May 24, 2022

A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers... Moderate Unreviewed

CVE-2020-18898 was published May 24, 2022

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. Due to an... Moderate Unreviewed

CVE-2017-0886 was published May 13, 2022

Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed

CVE-2022-30631 was published Aug 11, 2022

Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows... High Unreviewed

CVE-2022-30635 was published Aug 11, 2022

Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed

CVE-2022-30632 was published Aug 11, 2022

Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow... Moderate Unreviewed

CVE-2022-1962 was published Aug 11, 2022

Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to... High Unreviewed

CVE-2022-30630 was published Aug 11, 2022

Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed

CVE-2022-30633 was published Aug 11, 2022

An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37... Moderate Unreviewed

CVE-2022-28201 was published Sep 20, 2022

An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match... High Unreviewed

CVE-2019-11413 was published May 24, 2022

compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of... Moderate Unreviewed

CVE-2022-30974 was published May 19, 2022

An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart... High Unreviewed

CVE-2018-4002 was published May 24, 2022

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE... Moderate Unreviewed

CVE-2019-11779 was published May 24, 2022

ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because... Moderate Unreviewed

CVE-2019-18853 was published May 24, 2022

A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba... Moderate Unreviewed

CVE-2020-10704 was published May 24, 2022

Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and... High Unreviewed

CVE-2021-27434 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in the resource record-parsing... Moderate Unreviewed

CVE-2020-6071 was published May 24, 2022

Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack"... Moderate Unreviewed

CVE-2020-12662 was published May 24, 2022

PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against... Moderate Unreviewed

CVE-2020-10995 was published May 24, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

156 advisories