GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
236 advisories
Filter by severity
In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer...
Moderate
Unreviewed
CVE-2022-24191
was published
Apr 5, 2022
A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the...
Moderate
Unreviewed
CVE-2022-4104
was published
Nov 28, 2022
long running loops in grant table handling In order to properly monitor resource use, Xen...
Moderate
Unreviewed
CVE-2021-28698
was published
May 24, 2022
A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device...
Moderate
Unreviewed
CVE-2021-20255
was published
May 24, 2022
An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial...
Moderate
Unreviewed
CVE-2022-35165
was published
Aug 19, 2022
libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG:...
Moderate
Unreviewed
CVE-2022-35166
was published
Aug 19, 2022
Loop with Unreachable Exit Condition ('Infinite Loop') in McAfee GetSusp (GetSusp) 3.0.0.461 and...
Moderate
Unreviewed
CVE-2018-6687
was published
May 13, 2022
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization...
Moderate
Unreviewed
CVE-2022-29028
was published
May 21, 2022
perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to...
Moderate
Unreviewed
CVE-2013-7488
was published
May 5, 2022
Zipios before 0.1.7 does not properly handle certain malformed zip archives and can go into an...
Moderate
Unreviewed
CVE-2019-13453
was published
May 24, 2022
An infinite loop may be triggered in display_debug_abbrev() function in binutils/dwarf.c while...
Moderate
Unreviewed
CVE-2022-38128
was published
Sep 2, 2022
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service...
Moderate
Unreviewed
CVE-2019-15143
was published
May 24, 2022
When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid...
Moderate
Unreviewed
CVE-2019-19451
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality...
Moderate
Unreviewed
CVE-2019-5091
was published
May 24, 2022
In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource...
Moderate
Unreviewed
CVE-2020-1600
was published
May 24, 2022
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
Moderate
Unreviewed
CVE-2020-12663
was published
May 24, 2022
ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via...
Moderate
Unreviewed
CVE-2020-13800
was published
May 24, 2022
An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes...
Moderate
Unreviewed
CVE-2020-14398
was published
May 24, 2022
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer...
Moderate
Unreviewed
CVE-2018-19108
was published
May 13, 2022
In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was...
Moderate
Unreviewed
CVE-2020-15466
was published
May 24, 2022
In Threshold::getHistogram of ImageProcessHelper.java, there is a possible crash loop due to an...
Moderate
Unreviewed
CVE-2020-0247
was published
May 24, 2022
An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel...
Moderate
Unreviewed
CVE-2020-27152
was published
May 24, 2022
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among...
Moderate
Unreviewed
CVE-2020-16127
was published
May 24, 2022
GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw...
Moderate
Unreviewed
CVE-2020-29385
was published
May 24, 2022
A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with...
Moderate
Unreviewed
CVE-2021-25673
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API