Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

49 advisories

Loading
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of... High Unreviewed
CVE-2024-0842 was published Feb 9, 2024
Denial of service in HashiCorp Consul High
CVE-2020-25201 was published for github.com/hashicorp/consul (Go) Jan 31, 2024
phpseclib vulnerable to denial of service High
CVE-2023-49316 was published for phpseclib/phpseclib (Composer) Nov 27, 2023
kdambekalns iekadou
In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server... High Unreviewed
CVE-2023-5632 was published Oct 18, 2023
Keylime's registrar vulnerable to Denial-of-service attack via a single open connection High
CVE-2023-38200 was published for keylime (pip) Aug 1, 2023
Apache Sling Resource Merger has Excessive Iteration vulnerability High
CVE-2023-26513 was published for org.apache.sling:org.apache.sling.resourcemerger (Maven) Mar 20, 2023
In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386... High Unreviewed
CVE-2021-3128 was published May 24, 2022
In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL... High Unreviewed
CVE-2021-3125 was published May 24, 2022
In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive... High Unreviewed
CVE-2021-23270 was published May 24, 2022
srs2.c in PostSRSd before 1.10 allows remote attackers to cause a denial of service (CPU... High Unreviewed
CVE-2020-35573 was published May 24, 2022
Java Facebook Thrift servers would not error upon receiving messages with containers of fields of... High Unreviewed
CVE-2019-3559 was published May 24, 2022
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop... High Unreviewed
CVE-2018-9261 was published May 13, 2022
The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 ... High Unreviewed
CVE-2017-9257 was published May 13, 2022
The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 ... High Unreviewed
CVE-2017-9256 was published May 13, 2022
The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 ... High Unreviewed
CVE-2017-9253 was published May 13, 2022
The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 ... High Unreviewed
CVE-2017-9254 was published May 13, 2022
The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 ... High Unreviewed
CVE-2017-9255 was published May 13, 2022
In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack of an EOF (End of File)... High Unreviewed
CVE-2017-14222 was published May 13, 2022
In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause... High Unreviewed
CVE-2017-14057 was published May 13, 2022
In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and... High Unreviewed
CVE-2017-14059 was published May 13, 2022
In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due to lack of an EOF (End of... High Unreviewed
CVE-2017-14055 was published May 13, 2022
In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of... High Unreviewed
CVE-2017-14056 was published May 13, 2022
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due to lack of an EOF (End of... High Unreviewed
CVE-2017-14054 was published May 13, 2022
ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c. High Unreviewed
CVE-2017-12587 was published May 13, 2022
The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a... High Unreviewed
CVE-2017-11549 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database