GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
528 advisories
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when...
High | Unreviewed | CVE-2024-36732 was published Jun 6, 2024

go-chart v2.1.1 was discovered to contain an infinite loop via the drawCanvas() function.
High | Unreviewed | CVE-2024-40060 was published Jul 23, 2024

In the Linux kernel, the following vulnerability has been resolved: vhost: fix hung thread due...
Moderate | Unreviewed | CVE-2022-48862 was published Jul 16, 2024

libyaml v0.2.5 is vulnerable to DDOS. Affected by this issue is the function yaml_parser_parse of...
High | Unreviewed | CVE-2024-35328 was published Jun 13, 2024

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix hang during reboot...
Moderate | Unreviewed | CVE-2022-48840 was published Jul 16, 2024

NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that...
High | Unreviewed | CVE-2024-1931 was published Mar 7, 2024

Open Networking Foundation SD-RAN ONOS onos-ric-sdk-go 0.8.12 allows infinite repetition of the...
Moderate | Unreviewed | CVE-2023-52726 was published Apr 30, 2024

In the Linux kernel, the following vulnerability has been resolved: fsdax: Fix infinite loop in...
Moderate | Unreviewed | CVE-2022-48635 was published Apr 28, 2024

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
Moderate | Unreviewed | CVE-2024-36990 was published Jul 1, 2024

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination...
Moderate | Unreviewed | CVE-2024-36288 was published Jun 21, 2024

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite...
Moderate | Unreviewed | CVE-2024-35982 was published May 20, 2024

Low severity (DoS) vulnerability in sequoia-openpgp
Low | GHSA-9344-p847-qm5c was published for sequoia-openpgp (Rust) Jun 26, 2024

An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When...
High | Unreviewed | CVE-2023-34966 was published Jul 20, 2023

openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates
High | CVE-2022-0778 was published for openssl-src (Rust) Mar 16, 2022

A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as...
Low | Unreviewed | CVE-2024-6061 was published Jun 17, 2024

Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
Moderate | CVE-2024-30172 was published for BouncyCastle (Maven) May 14, 2024

Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability....
Moderate | Unreviewed | CVE-2024-5949 was published Jun 13, 2024

Windows Hyper-V Denial of Service Vulnerability
Moderate | Unreviewed | CVE-2024-21408 was published Mar 12, 2024

A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions <...
Moderate | Unreviewed | CVE-2023-50763 was published Jun 11, 2024

Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON
Moderate | CVE-2024-24786 was published for google.golang.org/protobuf (Go) Mar 6, 2024

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3...
Moderate | Unreviewed | CVE-2024-4854 was published May 14, 2024

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite...
Moderate | Unreviewed | CVE-2024-2397 was published Apr 12, 2024

Moderate severity vulnerability that affects org.apache.commons:commons-compress
Moderate | CVE-2018-11771 was published for org.apache.commons:commons-compress (Maven) Oct 19, 2018