GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
563 advisories
Filter by severity
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the...
Moderate
Unreviewed
CVE-2018-5786
was published
Apr 30, 2022
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing...
Moderate
Unreviewed
CVE-2020-27618
was published
May 24, 2022
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby...
High
Unreviewed
CVE-2022-28882
was published
Aug 24, 2022
Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service...
High
Unreviewed
CVE-2021-22235
was published
May 24, 2022
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a...
Moderate
Unreviewed
CVE-2015-5239
was published
May 24, 2022
Apache Avro Rust SDK vulnerable to reader looping in cycle endlessly, consuming CPU
High
CVE-2022-35724
was published
for
apache-avro
(Rust)
Aug 10, 2022
FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers...
Moderate
Unreviewed
CVE-2005-0851
was published
May 1, 2022
Endless Infinite loop in Blender-thumnailing due to logical bugs.
High
Unreviewed
CVE-2022-2833
was published
Aug 17, 2022
A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where...
High
Unreviewed
CVE-2022-28884
was published
Sep 7, 2022
aspnet_wp.exe in Microsoft ASP.NET web services allows remote attackers to cause a denial of...
Moderate
Unreviewed
CVE-2005-2224
was published
May 1, 2022
In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an...
Moderate
Unreviewed
CVE-2022-20476
was published
Dec 13, 2022
Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming...
High
Unreviewed
CVE-2022-33238
was published
Dec 13, 2022
Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME...
High
Unreviewed
CVE-2022-48256
was published
Jan 13, 2023
linux-loader reading beyond EOF could lead to infinite loop
Low
CVE-2022-23523
was published
for
linux-loader
(Rust)
Dec 12, 2022
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service ...
High
Unreviewed
CVE-2009-1270
was published
May 2, 2022
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end...
Moderate
Unreviewed
CVE-2021-42715
was published
May 24, 2022
mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU...
Moderate
Unreviewed
CVE-2004-0748
was published
Apr 29, 2022
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service ...
Moderate
Unreviewed
CVE-2010-1282
was published
May 2, 2022
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite...
Moderate
Unreviewed
CVE-2012-0248
was published
May 4, 2022
Infinite Loop in Apache Sanselan
High
CVE-2018-17202
was published
for
org.apache.sanselan:sanselan
(Maven)
May 14, 2019
The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause...
High
Unreviewed
CVE-2016-5042
was published
May 13, 2022
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC...
High
Unreviewed
CVE-2017-15908
was published
May 13, 2022
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter...
High
Unreviewed
CVE-2022-34661
was published
Aug 11, 2022
The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local...
Moderate
Unreviewed
CVE-2015-8785
was published
May 13, 2022
The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0...
High
Unreviewed
CVE-2013-2789
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API