Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

156 advisories

Loading
Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic... High Unreviewed
CVE-2024-34158 was published Sep 6, 2024
In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive -... Moderate Unreviewed
CVE-2024-44996 was published Sep 4, 2024
In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion... Low Unreviewed
CVE-2024-7866 was published Aug 15, 2024
Secure Boot Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-37973 was published Jul 9, 2024
HDF5 Library through 1.14.3 allows stack consumption in the function H5E_printf_stack in H5Eint.c. High Unreviewed
CVE-2024-32609 was published May 14, 2024
In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion... Low Unreviewed
CVE-2024-4568 was published May 6, 2024
In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and... Low Unreviewed
CVE-2024-3247 was published Apr 3, 2024
In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and... Low Unreviewed
CVE-2024-3248 was published Apr 3, 2024
LinuxServer.io Heimdall before 2.5.7 does not prevent use of icons that have non-image data such... Critical Unreviewed
CVE-2023-51803 was published Apr 1, 2024
A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and... High Unreviewed
CVE-2024-20311 was published Mar 27, 2024
An issue in the anchors subparser of Showdownjs versions <= 2.1.0 could allow a remote attacker... Moderate Unreviewed
CVE-2024-1899 was published Feb 26, 2024
Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or... High Unreviewed
CVE-2024-0210 was published Jan 3, 2024
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or... High Unreviewed
CVE-2024-0211 was published Jan 3, 2024
GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of... High Unreviewed
CVE-2024-0208 was published Jan 3, 2024
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU... High Unreviewed
CVE-2022-47374 was published Dec 12, 2023
MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push... Moderate Unreviewed
CVE-2023-31794 was published Oct 31, 2023
CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or... High Unreviewed
CVE-2023-4512 was published Aug 24, 2023
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02. Moderate Unreviewed
CVE-2022-48545 was published Aug 22, 2023
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause... High Unreviewed
CVE-2020-23804 was published Aug 22, 2023
 In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion... Moderate Unreviewed
CVE-2023-2663 was published Jul 6, 2023
 In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite... Moderate Unreviewed
CVE-2023-2664 was published Jul 6, 2023
Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability,... High Unreviewed
CVE-2023-2990 was published Jun 22, 2023
Telefnica Brasil Vivo Play (IPTV) Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of... High Unreviewed
CVE-2023-31893 was published Jun 5, 2023
A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO... High Unreviewed
CVE-2023-24472 was published Mar 30, 2023
An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a... Moderate Unreviewed
CVE-2020-36691 was published Mar 24, 2023
ProTip! Advisories are also available from the GraphQL API