Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,778
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

573 advisories

Loading
Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file... High Unreviewed
CVE-2023-42525 was published Sep 18, 2023
Undertow denial of service vulnerability High
CVE-2023-1108 was published for io.undertow:undertow-core (Maven) Sep 14, 2023
marcospds bvahdat
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong... Moderate Unreviewed
CVE-2023-3255 was published Sep 13, 2023
Improper Handling of Exceptional Conditions vulnerability in Daurnimator HTTP Library for Lua... High Unreviewed
CVE-2023-4540 was published Sep 5, 2023
BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of... High Unreviewed
CVE-2023-4511 was published Aug 24, 2023
A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software... Moderate Unreviewed
CVE-2023-20200 was published Aug 23, 2023
An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to... Moderate Unreviewed
CVE-2022-40090 was published Aug 22, 2023
A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV... High Unreviewed
CVE-2023-20197 was published Aug 17, 2023
Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote... High Unreviewed
CVE-2023-30188 was published Aug 14, 2023
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35139 was published for ryu (pip) Aug 11, 2023
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35141 was published for ryu (pip) Aug 11, 2023
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause... Moderate Unreviewed
CVE-2020-36023 was published Aug 11, 2023
An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local... Moderate Unreviewed
CVE-2020-24221 was published Aug 11, 2023
A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The... Moderate Unreviewed
CVE-2023-4010 was published Jul 31, 2023
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are... High Unreviewed
CVE-2023-3748 was published Jul 24, 2023
An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When... High Unreviewed
CVE-2023-34966 was published Jul 20, 2023
ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at... Moderate Unreviewed
CVE-2023-37748 was published Jul 19, 2023
In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which... Moderate Unreviewed
CVE-2021-33294 was published Jul 18, 2023
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6... High Unreviewed
CVE-2023-38197 was published Jul 13, 2023
PyPDF2 vulnerable to possible Infinite Loop when reading malformed objects Moderate
CVE-2023-36807 was published for PyPDF2 (pip) Jun 30, 2023
MartinThoma
pypdf and PyPDF2 possible Infinite Loop when a comment isn't followed by a character Moderate
CVE-2023-36464 was published for PyPDF2 (pip) Jun 30, 2023
exiledkingcc
OpenFGA vulnerable to denial of service due to circular relationship Moderate
CVE-2023-35933 was published for github.com/openfga/openfga (Go) Jun 28, 2023
A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications... Moderate Unreviewed
CVE-2023-20116 was published Jun 28, 2023
A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0... Moderate Unreviewed
CVE-2023-33305 was published Jun 13, 2023
SwiftNIO Extras vulnerable to improper detection of complete HTTP body decompression High
CVE-2022-3252 was published for github.com/apple/swift-nio-extras (Swift) Jun 7, 2023
vojtarylko
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database