Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

266 advisories

Loading
Moderate severity vulnerability that affects org.apache.commons:commons-compress Moderate
CVE-2018-11771 was published for org.apache.commons:commons-compress (Maven) Oct 19, 2018
SunBK201
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong... Moderate Unreviewed
CVE-2023-3255 was published Sep 13, 2023
A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function.... Moderate Unreviewed
CVE-2023-43786 was published Oct 10, 2023
golang.org/x/text Infinite loop Moderate
CVE-2020-14040 was published for golang.org/x/text (Go) May 18, 2021
Loop with Unreachable Exit Condition in Apache CXF Moderate
CVE-2014-3584 was published for org.apache.cxf:cxf-rt-frontend-jaxrs (Maven) May 13, 2022
sunSUNQ SunBK201
Vitess vulnerable to infinite memory consumption and vtgate crash Moderate
CVE-2024-32886 was published for github.com/vitessio/vitess (Go) May 8, 2024
dbussink mattrobenolt
vmg
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Stop relying on... Moderate Unreviewed
CVE-2024-26603 was published Feb 26, 2024
A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality... Moderate Unreviewed
CVE-2023-22325 was published Oct 12, 2023
An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to... Moderate Unreviewed
CVE-2022-40090 was published Aug 22, 2023
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause... Moderate Unreviewed
CVE-2020-36023 was published Aug 11, 2023
An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local... Moderate Unreviewed
CVE-2020-24221 was published Aug 11, 2023
A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The... Moderate Unreviewed
CVE-2023-4010 was published Jul 31, 2023
ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at... Moderate Unreviewed
CVE-2023-37748 was published Jul 19, 2023
In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which... Moderate Unreviewed
CVE-2021-33294 was published Jul 18, 2023
A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0... Moderate Unreviewed
CVE-2023-33305 was published Jun 13, 2023
XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of... Moderate Unreviewed
CVE-2023-2952 was published May 31, 2023
An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop. Moderate Unreviewed
CVE-2023-30300 was published May 3, 2023
The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a... Moderate Unreviewed
CVE-2015-5278 was published May 24, 2022
mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does... Moderate Unreviewed
CVE-2019-1010189 was published May 24, 2022
imagemagick 6.8.9.6 has remote DOS via infinite loop Moderate Unreviewed
CVE-2014-8561 was published May 17, 2022
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial... Moderate Unreviewed
CVE-2010-0207 was published Apr 21, 2022
An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an... Moderate Unreviewed
CVE-2023-47997 was published Jan 10, 2024
Comparison errorr in org.apache.tika:tika-core Moderate
CVE-2018-8017 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
MarkLee131
Apache Commons Compress vulnerable to denial of service due to infinite loop Moderate
CVE-2018-1324 was published for com.liferay:com.liferay.portal.tools.bundle.support (Maven) Mar 14, 2019
wtwhite MarkLee131
MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop... Moderate Unreviewed
CVE-2023-50120 was published Jan 10, 2024
ProTip! Advisories are also available from the GraphQL API