Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

561 advisories

Loading
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the... Moderate Unreviewed
CVE-2018-5786 was published Apr 30, 2022
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing... Moderate Unreviewed
CVE-2020-27618 was published May 24, 2022
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby... High Unreviewed
CVE-2022-28882 was published Aug 24, 2022
Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service... High Unreviewed
CVE-2021-22235 was published May 24, 2022
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a... Moderate Unreviewed
CVE-2015-5239 was published May 24, 2022
Apache Avro Rust SDK vulnerable to reader looping in cycle endlessly, consuming CPU High
CVE-2022-35724 was published for apache-avro (Rust) Aug 10, 2022
FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers... Moderate Unreviewed
CVE-2005-0851 was published May 1, 2022
Endless Infinite loop in Blender-thumnailing due to logical bugs. High Unreviewed
CVE-2022-2833 was published Aug 17, 2022
A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where... High Unreviewed
CVE-2022-28884 was published Sep 7, 2022
aspnet_wp.exe in Microsoft ASP.NET web services allows remote attackers to cause a denial of... Moderate Unreviewed
CVE-2005-2224 was published May 1, 2022
In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an... Moderate Unreviewed
CVE-2022-20476 was published Dec 13, 2022
Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming... High Unreviewed
CVE-2022-33238 was published Dec 13, 2022
Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME... High Unreviewed
CVE-2022-48256 was published Jan 13, 2023
linux-loader reading beyond EOF could lead to infinite loop Low
CVE-2022-23523 was published for linux-loader (Rust) Dec 12, 2022
likebreath
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service ... High Unreviewed
CVE-2009-1270 was published May 2, 2022
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end... Moderate Unreviewed
CVE-2021-42715 was published May 24, 2022
mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU... Moderate Unreviewed
CVE-2004-0748 was published Apr 29, 2022
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service ... Moderate Unreviewed
CVE-2010-1282 was published May 2, 2022
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite... Moderate Unreviewed
CVE-2012-0248 was published May 4, 2022
Infinite Loop in Apache Sanselan High
CVE-2018-17202 was published for org.apache.sanselan:sanselan (Maven) May 14, 2019
The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause... High Unreviewed
CVE-2016-5042 was published May 13, 2022
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC... High Unreviewed
CVE-2017-15908 was published May 13, 2022
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter... High Unreviewed
CVE-2022-34661 was published Aug 11, 2022
The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local... Moderate Unreviewed
CVE-2015-8785 was published May 13, 2022
The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0... High Unreviewed
CVE-2013-2789 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database