Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,099
Maven
5,000+
npm
3,763
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+

271 advisories

Loading
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35141 was published for ryu (pip) Aug 11, 2023
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35139 was published for ryu (pip) Aug 11, 2023
Improper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300... High Unreviewed
CVE-2023-1718 was published Nov 1, 2023
Invalid handling of `X509_verify_cert()` internal errors in libssl High
CVE-2021-4044 was published for openssl-src (Rust) Dec 15, 2021
pinkforest
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply... High Unreviewed
CVE-2022-23098 was published Feb 10, 2022
asyncua vulnerable to denial of service via infinite loop High
CVE-2023-26151 was published for asyncua (pip) Oct 3, 2023
Loop with Unreachable Exit Condition in Netty High
CVE-2016-4970 was published for io.netty:netty-handler (Maven) May 13, 2022
sharonbz
Istio vulnerable to denial of service High
CVE-2019-18817 was published for istio.io/istio (Go) May 24, 2022
Denial of Service in Apache Commons Compress High
CVE-2019-12402 was published for io.github.1tchy.java9modular.org.apache.commons:commons-compress (Maven) Oct 11, 2019
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the... High Unreviewed
CVE-2022-46285 was published Feb 7, 2023
Pion DTLS Header reconstruction method can be thrown into an infinite loop High
CVE-2022-29190 was published for github.com/pion/dtls (Go) May 24, 2022
StackStorm st2 Infinite Loop Condition High
CVE-2021-28667 was published for st2client (pip) May 24, 2022 withdrawn
Routinator infinite loop vulnerability High
CVE-2021-43172 was published for routinator (Rust) May 24, 2022
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some... High Unreviewed
CVE-2022-44617 was published Feb 7, 2023
SwiftNIO Extras vulnerable to improper detection of complete HTTP body decompression High
CVE-2022-3252 was published for github.com/apple/swift-nio-extras (Swift) Jun 7, 2023
vojtarylko
Integer Overflow/Infinite Loop in the http crate High
CVE-2020-25574 was published for http (Rust) Aug 25, 2021
Nokogiri gem, via libxml, is affected by DoS vulnerabilities High
CVE-2017-16932 was published for nokogiri (RubyGems) May 13, 2022
libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation High
CVE-2020-7595 was published for nokogiri (RubyGems) Feb 24, 2020
This vulnerability allows remote attackers to create a denial-of-service condition on affected... High Unreviewed
CVE-2022-37013 was published Mar 29, 2023
RubyGems Infinite Loop vulnerability High
CVE-2018-1000075 was published for org.jruby:jruby-stdlib (RubyGems) May 13, 2022
Asciidoctor Infinite Loop vulnerability High
CVE-2018-18385 was published for asciidoctor (RubyGems) May 13, 2022
In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek... High Unreviewed
CVE-2019-14442 was published May 24, 2022
Denial of service in modem due to missing null check while processing IP packets with padding High Unreviewed
CVE-2022-25734 was published Feb 12, 2023
Improper calculations in ECC implementation can trigger a Denial-of-Service (DoS) High
CVE-2023-25653 was published for node-jose (npm) Feb 16, 2023
justaugustus bifurcation
socks Infinite Loop vulnerability High
CVE-2013-10005 was published for github.com/btcsuite/go-socks (Go) Dec 28, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database