GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,964
Erlang
29
GitHub Actions
16
Go
1,746
Maven
4,974
npm
3,507
NuGet
609
pip
3,071
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
517 advisories
Filter by severity
In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: Fix loop termination...
Moderate
Unreviewed
CVE-2024-36288
was published
Jun 21, 2024
openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates
High
CVE-2022-0778
was published
for
openssl-src
(Rust)
Mar 16, 2022
A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as...
Low
Unreviewed
CVE-2024-6061
was published
Jun 17, 2024
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
Moderate
CVE-2024-30172
was published
for
BouncyCastle
(Maven)
May 14, 2024
Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability....
Moderate
Unreviewed
CVE-2024-5949
was published
Jun 13, 2024
Windows Hyper-V Denial of Service Vulnerability
Moderate
Unreviewed
CVE-2024-21408
was published
Mar 12, 2024
A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions <...
Moderate
Unreviewed
CVE-2023-50763
was published
Jun 11, 2024
Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON
Moderate
CVE-2024-24786
was published
for
google.golang.org/protobuf
(Go)
Mar 6, 2024
MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3...
Moderate
Unreviewed
CVE-2024-4854
was published
May 14, 2024
Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite...
Moderate
Unreviewed
CVE-2024-2397
was published
Apr 12, 2024
Moderate severity vulnerability that affects org.apache.commons:commons-compress
Moderate
CVE-2018-11771
was published
for
org.apache.commons:commons-compress
(Maven)
Oct 19, 2018
In the Linux kernel, the following vulnerability has been resolved:
batman-adv: Avoid infinite...
Moderate
Unreviewed
CVE-2024-35982
was published
May 20, 2024
github.com/ulikunitz/xz fixes readUvarint Denial of Service (DoS)
High
CVE-2021-29482
was published
for
github.com/ulikunitz/xz
(Go)
May 25, 2021
Soot Infinite Loop vulnerability
High
CVE-2023-46442
was published
for
org.soot-oss:soot
(Maven)
May 24, 2024
A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function....
Moderate
Unreviewed
CVE-2023-43786
was published
Oct 10, 2023
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong...
Moderate
Unreviewed
CVE-2023-3255
was published
Sep 13, 2023
Denial of Service Vulnerability in Rustls Library
High
CVE-2024-32650
was published
for
rustls
(Rust)
Apr 19, 2024
golang.org/x/net/html Infinite Loop vulnerability
High
CVE-2021-33194
was published
for
golang.org/x/net
(Go)
May 24, 2022
Infinite Loop in jsonparser
High
CVE-2020-10675
was published
for
github.com/buger/jsonparser
(Go)
May 18, 2021
x/net/html Vulnerable to DoS During HTML Parsing
High
CVE-2018-17846
was published
for
golang.org/x/net
(Go)
Sep 25, 2023
golang.org/x/text Infinite loop
Moderate
CVE-2020-14040
was published
for
golang.org/x/text
(Go)
May 18, 2021
Loop with Unreachable Exit Condition in Apache CXF
Moderate
CVE-2014-3584
was published
for
org.apache.cxf:cxf-rt-frontend-jaxrs
(Maven)
May 13, 2022
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache NimBLE.
...
Unknown
Unreviewed
CVE-2024-24746
was published
Apr 6, 2024
Vitess vulnerable to infinite memory consumption and vtgate crash
Moderate
CVE-2024-32886
was published
for
github.com/vitessio/vitess
(Go)
May 8, 2024
ProTip!
Advisories are also available from the
GraphQL API