Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

444 advisories

Loading
An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP... High Unreviewed
CVE-2021-20041 was published Dec 9, 2021
An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log function, which causes a Denial... Moderate Unreviewed
CVE-2021-44924 was published Dec 22, 2021
An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size. Moderate Unreviewed
CVE-2021-45297 was published Dec 22, 2021
An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function. High Unreviewed
CVE-2021-45257 was published Dec 23, 2021
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of... High Unreviewed
CVE-2021-4185 was published Dec 31, 2021
Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service... High Unreviewed
CVE-2021-4182 was published Dec 31, 2021
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows... High Unreviewed
CVE-2021-4184 was published Dec 31, 2021
Unisys ClearPath MCP TCP/IP Networking Services 59.1, 60.0, and 62.0 has an Infinite Loop. High Unreviewed
CVE-2021-45445 was published Jan 13, 2022
Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers... High Unreviewed
CVE-2022-23968 was published Jan 27, 2022
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply... High Unreviewed
CVE-2022-23098 was published Feb 10, 2022
Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows... High Unreviewed
CVE-2022-0586 was published Feb 15, 2022
A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header.... High Unreviewed
CVE-2022-0711 was published Mar 3, 2022
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while... Moderate Unreviewed
CVE-2021-20257 was published Mar 17, 2022
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS). High Unreviewed
CVE-2022-23352 was published Mar 22, 2022
In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer... Moderate Unreviewed
CVE-2022-24191 was published Apr 5, 2022
Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV. Moderate Unreviewed
CVE-2022-1222 was published Apr 5, 2022
A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ... High Unreviewed
CVE-2022-21159 was published Apr 16, 2022
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial... Moderate Unreviewed
CVE-2010-0207 was published Apr 21, 2022
mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU... Moderate Unreviewed
CVE-2004-0748 was published Apr 29, 2022
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote... Moderate Unreviewed
CVE-2004-0753 was published Apr 29, 2022
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the... Moderate Unreviewed
CVE-2018-5786 was published Apr 30, 2022
FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers... Moderate Unreviewed
CVE-2005-0851 was published May 1, 2022
aspnet_wp.exe in Microsoft ASP.NET web services allows remote attackers to cause a denial of... Moderate Unreviewed
CVE-2005-2224 was published May 1, 2022
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird... Moderate Unreviewed
CVE-2006-6499 was published May 1, 2022
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service ... High Unreviewed
CVE-2009-1270 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database