GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
214 advisories
ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects...
High | Unreviewed | CVE-2021-42717 was published Dec 8, 2021

An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02....
Moderate | Unreviewed | CVE-2019-6290 was published May 13, 2022

An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is...
Moderate | Unreviewed | CVE-2019-6293 was published May 13, 2022

An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack...
Moderate | Unreviewed | CVE-2019-6292 was published May 13, 2022

The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows...
Moderate | Unreviewed | CVE-2019-6285 was published May 13, 2022

An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image:...
High | Unreviewed | CVE-2019-9143 was published May 13, 2022

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and...
Moderate | Unreviewed | CVE-2018-9138 was published May 13, 2022

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix...
High | Unreviewed | CVE-2018-20796 was published May 13, 2022

poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting...
Moderate | Unreviewed | CVE-2017-7515 was published May 13, 2022

When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp...
Moderate | Unreviewed | CVE-2019-12213 was published May 24, 2022

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4...
Moderate | Unreviewed | CVE-2017-0692 was published May 13, 2022

There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser...
High | Unreviewed | CVE-2017-11556 was published May 13, 2022

There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc)...
High | Unreviewed | CVE-2017-11554 was published May 13, 2022

There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval:...
High | Unreviewed | CVE-2017-12964 was published May 13, 2022

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017...
Moderate | Unreviewed | CVE-2017-16419 was published May 13, 2022

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in...
High | Unreviewed | CVE-2017-5839 was published May 13, 2022

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of...
High | Unreviewed | CVE-2017-9304 was published May 13, 2022

In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion)...
Moderate | Unreviewed | CVE-2017-9617 was published May 13, 2022

It was possible to trigger an infinite recursion condition in the error handler when Hermes...
High | Unreviewed | CVE-2022-27810 was published Oct 7, 2022

In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in...
Moderate | Unreviewed | CVE-2017-9616 was published May 13, 2022

In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause...
High | Unreviewed | CVE-2017-9766 was published May 13, 2022

In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) in the...
High | Unreviewed | CVE-2017-9729 was published May 13, 2022

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree:...
Moderate | Unreviewed | CVE-2018-11254 was published May 13, 2022

Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc...
Moderate | Unreviewed | CVE-2018-16426 was published May 13, 2022

Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a...
Moderate | Unreviewed | CVE-2018-11597 was published May 13, 2022