GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
202 advisories
Filter by severity
An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP...
High
Unreviewed
CVE-2021-20041
was published
Dec 9, 2021
An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function.
High
Unreviewed
CVE-2021-45257
was published
Dec 23, 2021
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of...
High
Unreviewed
CVE-2021-4185
was published
Dec 31, 2021
Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service...
High
Unreviewed
CVE-2021-4182
was published
Dec 31, 2021
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows...
High
Unreviewed
CVE-2021-4184
was published
Dec 31, 2021
Unisys ClearPath MCP TCP/IP Networking Services 59.1, 60.0, and 62.0 has an Infinite Loop.
High
Unreviewed
CVE-2021-45445
was published
Jan 13, 2022
Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers...
High
Unreviewed
CVE-2022-23968
was published
Jan 27, 2022
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply...
High
Unreviewed
CVE-2022-23098
was published
Feb 10, 2022
Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows...
High
Unreviewed
CVE-2022-0586
was published
Feb 15, 2022
A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header....
High
Unreviewed
CVE-2022-0711
was published
Mar 3, 2022
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).
High
Unreviewed
CVE-2022-23352
was published
Mar 22, 2022
A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ...
High
Unreviewed
CVE-2022-21159
was published
Apr 16, 2022
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service ...
High
Unreviewed
CVE-2009-1270
was published
May 2, 2022
An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8...
High
Unreviewed
CVE-2017-2909
was published
May 13, 2022
The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause...
High
Unreviewed
CVE-2016-5042
was published
May 13, 2022
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC...
High
Unreviewed
CVE-2017-15908
was published
May 13, 2022
The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0...
High
Unreviewed
CVE-2013-2789
was published
May 13, 2022
An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class...
High
Unreviewed
CVE-2018-18070
was published
May 13, 2022
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to...
High
Unreviewed
CVE-2017-13728
was published
May 13, 2022
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote...
High
Unreviewed
CVE-2017-16944
was published
May 13, 2022
An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18...
High
Unreviewed
CVE-2018-5813
was published
May 13, 2022
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop...
High
Unreviewed
CVE-2018-7421
was published
May 13, 2022
LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop...
High
Unreviewed
CVE-2018-20021
was published
May 13, 2022
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in...
High
Unreviewed
CVE-2019-3833
was published
May 13, 2022
The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause...
High
Unreviewed
CVE-2017-9122
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API