GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,974
Erlang
29
GitHub Actions
16
Go
1,763
Maven
4,988
npm
3,525
NuGet
615
pip
3,099
Pub
10
RubyGems
834
Rust
785
Swift
34
Unreviewed advisories
All unreviewed
5,000+
523 advisories
Filter by severity
An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local...
Moderate
Unreviewed
CVE-2020-24221
was published
Aug 11, 2023
A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The...
Moderate
Unreviewed
CVE-2023-4010
was published
Jul 31, 2023
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are...
High
Unreviewed
CVE-2023-3748
was published
Jul 24, 2023
ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at...
Moderate
Unreviewed
CVE-2023-37748
was published
Jul 19, 2023
In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which...
Moderate
Unreviewed
CVE-2021-33294
was published
Jul 18, 2023
A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0...
Moderate
Unreviewed
CVE-2023-33305
was published
Jun 13, 2023
XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of...
Moderate
Unreviewed
CVE-2023-2952
was published
May 31, 2023
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via...
High
Unreviewed
CVE-2023-2879
was published
May 26, 2023
An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop.
Moderate
Unreviewed
CVE-2023-30300
was published
May 3, 2023
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8...
Low
Unreviewed
CVE-2019-12068
was published
May 24, 2022
The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a...
Moderate
Unreviewed
CVE-2015-5278
was published
May 24, 2022
A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in...
High
Unreviewed
CVE-2019-5097
was published
May 24, 2022
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service...
High
Unreviewed
CVE-2019-18217
was published
May 24, 2022
mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does...
Moderate
Unreviewed
CVE-2019-1010189
was published
May 24, 2022
imagemagick 6.8.9.6 has remote DOS via infinite loop
Moderate
Unreviewed
CVE-2014-8561
was published
May 17, 2022
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial...
Moderate
Unreviewed
CVE-2010-0207
was published
Apr 21, 2022
** DISPUTED ** Trustwave ModSecurity 3.x through 3.0.4 allows denial of service via a special...
High
Unreviewed
CVE-2020-15598
was published
May 24, 2022
Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy.
High
Unreviewed
CVE-2019-25040
was published
May 24, 2022
CodeIgniter4 DoS Vulnerability
High
CVE-2024-29904
was published
for
codeigniter4/framework
(Composer)
Mar 29, 2024
An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an...
Moderate
Unreviewed
CVE-2023-47997
was published
Jan 10, 2024
** DISPUTED ** The deserialize function in serialize-to-js through 1.1.1 allows attackers to...
High
Unreviewed
CVE-2017-15871
was published
May 13, 2022
EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown...
High
Unreviewed
CVE-2023-45232
was published
Jan 16, 2024
EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN...
High
Unreviewed
CVE-2023-45233
was published
Jan 16, 2024
Infinite Loop in Apache Tomcat
High
CVE-2020-13935
was published
for
org.apache.tomcat:tomcat
(Maven)
Feb 8, 2022
BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of...
High
Unreviewed
CVE-2023-4511
was published
Aug 24, 2023
ProTip!
Advisories are also available from the
GraphQL API