Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

66 advisories

Loading
Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic... High Unreviewed
CVE-2024-34158 was published Sep 6, 2024
Secure Boot Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-37973 was published Jul 9, 2024
HDF5 Library through 1.14.3 allows stack consumption in the function H5E_printf_stack in H5Eint.c. High Unreviewed
CVE-2024-32609 was published May 14, 2024
A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and... High Unreviewed
CVE-2024-20311 was published Mar 27, 2024
Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or... High Unreviewed
CVE-2024-0210 was published Jan 3, 2024
GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of... High Unreviewed
CVE-2024-0208 was published Jan 3, 2024
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or... High Unreviewed
CVE-2024-0211 was published Jan 3, 2024
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU... High Unreviewed
CVE-2022-47374 was published Dec 12, 2023
CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or... High Unreviewed
CVE-2023-4512 was published Aug 24, 2023
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause... High Unreviewed
CVE-2020-23804 was published Aug 22, 2023
Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability,... High Unreviewed
CVE-2023-2990 was published Jun 22, 2023
Telefnica Brasil Vivo Play (IPTV) Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of... High Unreviewed
CVE-2023-31893 was published Jun 5, 2023
A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO... High Unreviewed
CVE-2023-24472 was published Mar 30, 2023
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS... High Unreviewed
CVE-2023-22617 was published Jan 21, 2023
Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue)... High Unreviewed
CVE-2022-46405 was published Dec 4, 2022
It was possible to trigger an infinite recursion condition in the error handler when Hermes... High Unreviewed
CVE-2022-27810 was published Oct 7, 2022
A vulnerability has been found in Nintendo Game Boy Color and classified as problematic. This... High Unreviewed
CVE-2022-3216 was published Sep 15, 2022
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of... High Unreviewed
CVE-2022-23460 was published Aug 20, 2022
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed
CVE-2022-30631 was published Aug 11, 2022
Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows... High Unreviewed
CVE-2022-30635 was published Aug 11, 2022
Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed
CVE-2022-30633 was published Aug 11, 2022
Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed
CVE-2022-30632 was published Aug 11, 2022
Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to... High Unreviewed
CVE-2022-30630 was published Aug 11, 2022
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed
CVE-2022-28131 was published Aug 11, 2022
In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could... High Unreviewed
CVE-2019-12295 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database