GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
203 advisories
Filter by severity
In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible...
High
Unreviewed
CVE-2017-13313
was published
Nov 16, 2024
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to...
High
Unreviewed
CVE-2024-50321
was published
Nov 12, 2024
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to...
High
Unreviewed
CVE-2024-50320
was published
Nov 12, 2024
An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to...
High
Unreviewed
CVE-2024-50319
was published
Nov 12, 2024
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of...
High
Unreviewed
CVE-2024-52532
was published
Nov 11, 2024
Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP...
High
Unreviewed
CVE-2024-45692
was published
Sep 5, 2024
There is a HIGH severity vulnerability affecting the CPython "zipfile"
module.
When...
High
Unreviewed
CVE-2024-8088
was published
Aug 22, 2024
Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA.
High
Unreviewed
CVE-2024-23352
was published
Aug 5, 2024
go-chart v2.1.1 was discovered to contain an infinite loop via the drawCanvas() function.
High
Unreviewed
CVE-2024-40060
was published
Jul 23, 2024
libyaml v0.2.5 is vulnerable to DDOS. Affected by this issue is the function yaml_parser_parse of...
High
Unreviewed
CVE-2024-35328
was published
Jun 13, 2024
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when...
High
Unreviewed
CVE-2024-36732
was published
Jun 6, 2024
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA)...
High
Unreviewed
CVE-2024-20353
was published
Apr 24, 2024
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache NimBLE.
...
High
Unreviewed
CVE-2024-24746
was published
Apr 6, 2024
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that...
High
Unreviewed
CVE-2024-1931
was published
Mar 7, 2024
Certain WithSecure products allow a Denial of Service because the engine scanner can go into an...
High
Unreviewed
CVE-2024-27359
was published
Feb 26, 2024
An infinite loop issue discovered in Mathtex 1.05 and before allows a remote attackers to consume...
High
Unreviewed
CVE-2023-51890
was published
Jan 24, 2024
EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown...
High
Unreviewed
CVE-2023-45232
was published
Jan 16, 2024
EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN...
High
Unreviewed
CVE-2023-45233
was published
Jan 16, 2024
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or...
High
Unreviewed
CVE-2024-0211
was published
Jan 3, 2024
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that...
High
Unreviewed
CVE-2023-43511
was published
Jan 2, 2024
ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of...
High
Unreviewed
CVE-2023-50981
was published
Dec 27, 2023
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Sierra Wireless, Inc...
High
Unreviewed
CVE-2023-40458
was published
Nov 30, 2023
A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco...
High
Unreviewed
CVE-2023-20083
was published
Nov 1, 2023
Improper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300...
High
Unreviewed
CVE-2023-1718
was published
Nov 1, 2023
An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper...
High
Unreviewed
CVE-2023-44181
was published
Oct 13, 2023
ProTip!
Advisories are also available from the
GraphQL API