Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,732
Erlang
35
GitHub Actions
29
Go
2,310
Maven
5,000+
npm
3,949
NuGet
711
pip
3,728
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

281 advisories

Loading
github.com/ulikunitz/xz fixes readUvarint Denial of Service (DoS) High
CVE-2021-29482 was published for github.com/ulikunitz/xz (Go) May 25, 2021
0xdecaf
Denial of Service Vulnerability in Rustls Library High
CVE-2024-32650 was published for rustls (Rust) Apr 19, 2024
Taowyoo arai-fortanix
jjfiv s-arash
golang.org/x/net/html Infinite Loop vulnerability High
CVE-2021-33194 was published for golang.org/x/net (Go) May 24, 2022
Infinite Loop in jsonparser High
CVE-2020-10675 was published for github.com/buger/jsonparser (Go) May 18, 2021
x/net/html Vulnerable to DoS During HTML Parsing High
CVE-2018-17846 was published for golang.org/x/net (Go) Sep 25, 2023
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and... High Unreviewed
CVE-2019-3900 was published May 24, 2022
Undertow denial of service vulnerability High
CVE-2023-1108 was published for io.undertow:undertow-core (Maven) Sep 14, 2023
marcospds bvahdat
aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests High
CVE-2024-30251 was published for aiohttp (pip) May 3, 2024
bytehope
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6... High Unreviewed
CVE-2023-38197 was published Jul 13, 2023
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2024-20353 was published Apr 24, 2024
Ryu Infinite Loop vulnerability High
CVE-2024-28732 was published for ryu (pip) Apr 8, 2024
libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be... High Unreviewed
CVE-2022-27781 was published Jun 3, 2022
An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper... High Unreviewed
CVE-2023-44181 was published Oct 13, 2023
Certain WithSecure products allow Denial of Service (infinite loop). This affects WithSecure... High Unreviewed
CVE-2023-43761 was published Sep 22, 2023
Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file... High Unreviewed
CVE-2023-42524 was published Sep 18, 2023
Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file... High Unreviewed
CVE-2023-42525 was published Sep 18, 2023
Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote... High Unreviewed
CVE-2023-30188 was published Aug 14, 2023
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are... High Unreviewed
CVE-2023-3748 was published Jul 24, 2023
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via... High Unreviewed
CVE-2023-2879 was published May 26, 2023
A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in... High Unreviewed
CVE-2019-5097 was published May 24, 2022
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service... High Unreviewed
CVE-2019-18217 was published May 24, 2022
** DISPUTED ** Trustwave ModSecurity 3.x through 3.0.4 allows denial of service via a special... High Unreviewed
CVE-2020-15598 was published May 24, 2022
Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy. High Unreviewed
CVE-2019-25040 was published May 24, 2022
** DISPUTED ** The deserialize function in serialize-to-js through 1.1.1 allows attackers to... High Unreviewed
CVE-2017-15871 was published May 13, 2022
Infinite Loop in Apache Tomcat High
CVE-2020-13935 was published for org.apache.tomcat:tomcat (Maven) Feb 8, 2022
sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database