Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,715
Erlang
34
GitHub Actions
28
Go
2,302
Maven
5,000+
npm
3,946
NuGet
711
pip
3,716
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

73 advisories

Loading
Infinite loop condition in Amazon.IonDotnet High
CVE-2025-3857 was published for Amazon.IonDotnet (NuGet) Apr 21, 2025
SurrealDB CPU exhaustion via custom functions result in total DoS High
GHSA-pxw4-94j3-v9pf was published for surrealdb (Rust) Apr 11, 2025
cure53
In Azle, calling `setTimer` causes infinite loop of timers High
CVE-2025-29776 was published for azle (npm) Mar 14, 2025
OpenDJ Denial of Service (DoS) using alias loop High
CVE-2025-27497 was published for org.openidentityplatform.opendj:opendj-server-legacy (Maven) Mar 5, 2025
hannes96
Drupal core Denial of Service High
CVE-2024-11941 was published for drupal/core (Composer) Dec 5, 2024
Aim denial of service vulnerability High
CVE-2024-6227 was published for aim (pip) Jul 8, 2024
Soot Infinite Loop vulnerability High
CVE-2023-46442 was published for org.soot-oss:soot (Maven) May 24, 2024
Ryu Infinite Loop vulnerability High
CVE-2024-34489 was published for ryu (pip) May 5, 2024
Ryu Infinite Loop vulnerability High
CVE-2024-34488 was published for ryu (pip) May 5, 2024
aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests High
CVE-2024-30251 was published for aiohttp (pip) May 3, 2024
bytehope
Denial of Service Vulnerability in Rustls Library High
CVE-2024-32650 was published for rustls (Rust) Apr 19, 2024
Taowyoo arai-fortanix
jjfiv s-arash
Ryu Infinite Loop vulnerability High
CVE-2024-28732 was published for ryu (pip) Apr 8, 2024
CodeIgniter4 DoS Vulnerability High
CVE-2024-29904 was published for codeigniter4/framework (Composer) Mar 29, 2024
colethorsen
hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function High
CVE-2023-51075 was published for cn.hutool:hutool-core (Maven) Dec 27, 2023
Candid infinite decoding loop through specially crafted payload High
CVE-2023-6245 was published for candid (Rust) Dec 8, 2023
venkkatesh-sekar chenyan-dfinity
MediaWiki Denial of Service vulnerability High
CVE-2023-45363 was published for mediawiki/core (Composer) Oct 9, 2023
Rudloff
asyncua vulnerable to denial of service via infinite loop High
CVE-2023-26151 was published for asyncua (pip) Oct 3, 2023
x/net/html Vulnerable to DoS During HTML Parsing High
CVE-2018-17846 was published for golang.org/x/net (Go) Sep 25, 2023
Undertow denial of service vulnerability High
CVE-2023-1108 was published for io.undertow:undertow-core (Maven) Sep 14, 2023
marcospds bvahdat
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35141 was published for ryu (pip) Aug 11, 2023
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35139 was published for ryu (pip) Aug 11, 2023
SwiftNIO Extras vulnerable to improper detection of complete HTTP body decompression High
CVE-2022-3252 was published for github.com/apple/swift-nio-extras (Swift) Jun 7, 2023
vojtarylko
phpseclib Infinite Loop vulnerability High
CVE-2023-27560 was published for phpseclib/phpseclib (Composer) Mar 3, 2023
janedbal
Improper calculations in ECC implementation can trigger a Denial-of-Service (DoS) High
CVE-2023-25653 was published for node-jose (npm) Feb 16, 2023
justaugustus bifurcation
socks Infinite Loop vulnerability High
CVE-2013-10005 was published for github.com/btcsuite/go-socks (Go) Dec 28, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database