Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,732
Erlang
35
GitHub Actions
29
Go
2,310
Maven
5,000+
npm
3,949
NuGet
711
pip
3,728
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

281 advisories

Loading
BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of... High Unreviewed
CVE-2023-4511 was published Aug 24, 2023
In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder High
CVE-2018-1336 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
An infinite loop issue discovered in Mathtex 1.05 and before allows a remote attackers to consume... High Unreviewed
CVE-2023-51890 was published Jan 24, 2024
A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application... High Unreviewed
CVE-2023-20020 was published Jan 20, 2023
A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV... High Unreviewed
CVE-2023-20197 was published Aug 17, 2023
A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco... High Unreviewed
CVE-2023-20083 was published Nov 1, 2023
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that... High Unreviewed
CVE-2023-43511 was published Jan 2, 2024
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via... High Unreviewed
CVE-2021-42260 was published May 24, 2022
hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function High
CVE-2023-51075 was published for cn.hutool:hutool-core (Maven) Dec 27, 2023
ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of... High Unreviewed
CVE-2023-50981 was published Dec 27, 2023
Candid infinite decoding loop through specially crafted payload High
CVE-2023-6245 was published for candid (Rust) Dec 8, 2023
venkkatesh-sekar chenyan-dfinity
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Sierra Wireless, Inc... High Unreviewed
CVE-2023-40458 was published Nov 30, 2023
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35141 was published for ryu (pip) Aug 11, 2023
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35139 was published for ryu (pip) Aug 11, 2023
Improper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300... High Unreviewed
CVE-2023-1718 was published Nov 1, 2023
Invalid handling of `X509_verify_cert()` internal errors in libssl High
CVE-2021-4044 was published for openssl-src (Rust) Dec 15, 2021
pinkforest
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply... High Unreviewed
CVE-2022-23098 was published Feb 10, 2022
asyncua vulnerable to denial of service via infinite loop High
CVE-2023-26151 was published for asyncua (pip) Oct 3, 2023
Loop with Unreachable Exit Condition in Netty High
CVE-2016-4970 was published for io.netty:netty-handler (Maven) May 13, 2022
sharonbz
Istio vulnerable to denial of service High
CVE-2019-18817 was published for istio.io/istio (Go) May 24, 2022
Denial of Service in Apache Commons Compress High
CVE-2019-12402 was published for io.github.1tchy.java9modular.org.apache.commons:commons-compress (Maven) Oct 11, 2019
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the... High Unreviewed
CVE-2022-46285 was published Feb 7, 2023
Pion DTLS Header reconstruction method can be thrown into an infinite loop High
CVE-2022-29190 was published for github.com/pion/dtls (Go) May 24, 2022
StackStorm st2 Infinite Loop Condition High
CVE-2021-28667 was published for st2client (pip) May 24, 2022 withdrawn
Routinator infinite loop vulnerability High
CVE-2021-43172 was published for routinator (Rust) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database