Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,974
Erlang
29
GitHub Actions
16
Go
1,763
Maven
4,988
npm
3,525
NuGet
615
pip
3,099
Pub
10
RubyGems
834
Rust
785
Swift
34
Unreviewed advisories
All unreviewed
5,000+

523 advisories

Loading
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that... High Unreviewed
CVE-2024-1931 was published Mar 7, 2024
Ryu Infinite Loop vulnerability High
CVE-2024-34489 was published for ryu (pip) May 5, 2024
Ryu Infinite Loop vulnerability High
CVE-2024-34488 was published for ryu (pip) May 5, 2024
Open Networking Foundation SD-RAN ONOS onos-ric-sdk-go 0.8.12 allows infinite repetition of the... Moderate Unreviewed
CVE-2023-52726 was published Apr 30, 2024
In the Linux kernel, the following vulnerability has been resolved: fsdax: Fix infinite loop in... Moderate Unreviewed
CVE-2022-48635 was published Apr 28, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2024-36990 was published Jul 1, 2024
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination... Moderate Unreviewed
CVE-2024-36288 was published Jun 21, 2024
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite... Moderate Unreviewed
CVE-2024-35982 was published May 20, 2024
Low severity (DoS) vulnerability in sequoia-openpgp Low
GHSA-9344-p847-qm5c was published for sequoia-openpgp (Rust) Jun 26, 2024
An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When... High Unreviewed
CVE-2023-34966 was published Jul 20, 2023
openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates High
CVE-2022-0778 was published for openssl-src (Rust) Mar 16, 2022
rajivshah3 michaelkedar
A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as... Low Unreviewed
CVE-2024-6061 was published Jun 17, 2024
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop Moderate
CVE-2024-30172 was published for BouncyCastle (Maven) May 14, 2024
Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability.... Moderate Unreviewed
CVE-2024-5949 was published Jun 13, 2024
Windows Hyper-V Denial of Service Vulnerability Moderate Unreviewed
CVE-2024-21408 was published Mar 12, 2024
A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions <... Moderate Unreviewed
CVE-2023-50763 was published Jun 11, 2024
Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON Moderate
CVE-2024-24786 was published for google.golang.org/protobuf (Go) Mar 6, 2024
oscerd chancez
MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3... Moderate Unreviewed
CVE-2024-4854 was published May 14, 2024
Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite... Moderate Unreviewed
CVE-2024-2397 was published Apr 12, 2024
Moderate severity vulnerability that affects org.apache.commons:commons-compress Moderate
CVE-2018-11771 was published for org.apache.commons:commons-compress (Maven) Oct 19, 2018
SunBK201
github.com/ulikunitz/xz fixes readUvarint Denial of Service (DoS) High
CVE-2021-29482 was published for github.com/ulikunitz/xz (Go) May 25, 2021
0xdecaf
Soot Infinite Loop vulnerability High
CVE-2023-46442 was published for org.soot-oss:soot (Maven) May 24, 2024
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong... Moderate Unreviewed
CVE-2023-3255 was published Sep 13, 2023
A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function.... Moderate Unreviewed
CVE-2023-43786 was published Oct 10, 2023
Denial of Service Vulnerability in Rustls Library High
CVE-2024-32650 was published for rustls (Rust) Apr 19, 2024
Taowyoo arai-fortanix
jjfiv s-arash
ProTip! Advisories are also available from the GraphQL API