Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

209 advisories

Loading
The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote... High Unreviewed
CVE-2017-8871 was published May 13, 2022
In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS (Multicast DNS) packet triggers an... High Unreviewed
CVE-2019-9747 was published May 13, 2022
In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan... High Unreviewed
CVE-2019-10898 was published May 13, 2022
In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed... High Unreviewed
CVE-2019-10897 was published May 13, 2022
In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan... High Unreviewed
CVE-2019-10900 was published May 13, 2022
An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions... High Unreviewed
CVE-2018-5818 was published May 13, 2022
libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing... High Unreviewed
CVE-2018-16789 was published May 13, 2022
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the... High Unreviewed
CVE-2017-18273 was published May 13, 2022
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the... High Unreviewed
CVE-2017-18271 was published May 13, 2022
The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause... High Unreviewed
CVE-2017-9122 was published May 13, 2022
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in... High Unreviewed
CVE-2019-3833 was published May 13, 2022
LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop... High Unreviewed
CVE-2018-20021 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop... High Unreviewed
CVE-2018-7421 was published May 13, 2022
An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18... High Unreviewed
CVE-2018-5813 was published May 13, 2022
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote... High Unreviewed
CVE-2017-16944 was published May 13, 2022
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to... High Unreviewed
CVE-2017-13728 was published May 13, 2022
An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class... High Unreviewed
CVE-2018-18070 was published May 13, 2022
The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0... High Unreviewed
CVE-2013-2789 was published May 13, 2022
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC... High Unreviewed
CVE-2017-15908 was published May 13, 2022
The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause... High Unreviewed
CVE-2016-5042 was published May 13, 2022
An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8... High Unreviewed
CVE-2017-2909 was published May 13, 2022
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service ... High Unreviewed
CVE-2009-1270 was published May 2, 2022
A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ... High Unreviewed
CVE-2022-21159 was published Apr 16, 2022
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS). High Unreviewed
CVE-2022-23352 was published Mar 22, 2022
A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header.... High Unreviewed
CVE-2022-0711 was published Mar 3, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database