GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,854

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

157 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a... Moderate Unreviewed

CVE-2020-36691 was published Mar 24, 2023

In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting... Moderate Unreviewed

CVE-2022-37034 was published Feb 2, 2023

A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS... High Unreviewed

CVE-2023-22617 was published Jan 21, 2023

GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite... Moderate Unreviewed

CVE-2022-47662 was published Jan 5, 2023

Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue)... High Unreviewed

CVE-2022-46405 was published Dec 4, 2022

Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for... Moderate Unreviewed

CVE-2022-42321 was published Nov 1, 2022

It was possible to trigger an infinite recursion condition in the error handler when Hermes... High Unreviewed

CVE-2022-27810 was published Oct 7, 2022

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively... Moderate Unreviewed

CVE-2022-31628 was published Sep 29, 2022

An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37... Moderate Unreviewed

CVE-2022-28201 was published Sep 20, 2022

Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV. Moderate Unreviewed

CVE-2022-3222 was published Sep 16, 2022

XPDF v4.04 was discovered to contain a stack overflow via the function Catalog::countPageTree()... Moderate Unreviewed

CVE-2022-38334 was published Sep 16, 2022

A vulnerability has been found in Nintendo Game Boy Color and classified as problematic. This... High Unreviewed

CVE-2022-3216 was published Sep 15, 2022

A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial... Moderate Unreviewed

CVE-2021-3997 was published Aug 24, 2022

Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of... High Unreviewed

CVE-2022-23460 was published Aug 20, 2022

Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed

CVE-2022-30633 was published Aug 11, 2022

Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed

CVE-2022-30631 was published Aug 11, 2022

Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows... High Unreviewed

CVE-2022-30635 was published Aug 11, 2022

Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed

CVE-2022-30632 was published Aug 11, 2022

Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an... High Unreviewed

CVE-2022-28131 was published Aug 11, 2022

Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to... High Unreviewed

CVE-2022-30630 was published Aug 11, 2022

Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow... Moderate Unreviewed

CVE-2022-1962 was published Aug 11, 2022

A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for... Moderate Unreviewed

CVE-2019-18854 was published May 24, 2022

In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could... High Unreviewed

CVE-2019-12295 was published May 24, 2022

When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp... Moderate Unreviewed

CVE-2019-12213 was published May 24, 2022

Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3... High Unreviewed

CVE-2021-39929 was published May 24, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

157 advisories