Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

565 advisories

Loading
An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes... Moderate Unreviewed
CVE-2020-14398 was published May 24, 2022
Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6... High Unreviewed
CVE-2022-33239 was published Nov 15, 2022
cumulative-distribution-function Infinite Loop vulnerability High
CVE-2021-29486 was published for cumulative-distribution-function (npm) May 4, 2021
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer... Moderate Unreviewed
CVE-2018-19108 was published May 13, 2022
In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was... Moderate Unreviewed
CVE-2020-15466 was published May 24, 2022
In Threshold::getHistogram of ImageProcessHelper.java, there is a possible crash loop due to an... Moderate Unreviewed
CVE-2020-0247 was published May 24, 2022
The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Denial of Service... High Unreviewed
CVE-2019-18796 was published May 24, 2022
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an... High Unreviewed
CVE-2020-26575 was published May 24, 2022
An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel... Moderate Unreviewed
CVE-2020-27152 was published May 24, 2022
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among... Moderate Unreviewed
CVE-2020-16127 was published May 24, 2022
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option... High Unreviewed
CVE-2020-24337 was published May 24, 2022
GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw... Moderate Unreviewed
CVE-2020-29385 was published May 24, 2022
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack... High Unreviewed
CVE-2020-13986 was published May 24, 2022
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack... High Unreviewed
CVE-2020-13984 was published May 24, 2022
A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the... High Unreviewed
CVE-2020-36227 was published May 24, 2022
picoquic (before 3rd of July 2020) allows attackers to cause a denial of service (infinite loop)... High Unreviewed
CVE-2020-24944 was published May 24, 2022
A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with... Moderate Unreviewed
CVE-2021-25673 was published May 24, 2022
Modem will enter into busy mode in an infinite loop while parsing histogram dimension due to... Moderate Unreviewed
CVE-2020-11186 was published May 24, 2022
An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a... Moderate Unreviewed
CVE-2020-36310 was published May 24, 2022
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP POST request sent to the... High Unreviewed
CVE-2020-28095 was published May 24, 2022
wolfSSL through 5.0.0 allows an attacker to cause a denial of service and infinite loop in the... Moderate Unreviewed
CVE-2021-44718 was published Sep 3, 2022
A flaw was found in PDFResurrect in version 0.22b. There is an infinite loop in... Moderate Unreviewed
CVE-2021-3508 was published May 24, 2022
In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address (VGA) is configured... Moderate Unreviewed
CVE-2021-0221 was published May 24, 2022
On BIG-IP version 16.0.x before 16.0.1.1 and 15.1.x before 15.1.3, malformed HTTP/2 requests may... High Unreviewed
CVE-2021-23009 was published May 24, 2022
Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a denial of service. An... Moderate Unreviewed
CVE-2020-9307 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database