Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

274 advisories

Loading
XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of... Moderate Unreviewed
CVE-2023-2952 was published May 31, 2023
An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop. Moderate Unreviewed
CVE-2023-30300 was published May 3, 2023
The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a... Moderate Unreviewed
CVE-2015-5278 was published May 24, 2022
mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does... Moderate Unreviewed
CVE-2019-1010189 was published May 24, 2022
imagemagick 6.8.9.6 has remote DOS via infinite loop Moderate Unreviewed
CVE-2014-8561 was published May 17, 2022
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial... Moderate Unreviewed
CVE-2010-0207 was published Apr 21, 2022
An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an... Moderate Unreviewed
CVE-2023-47997 was published Jan 10, 2024
Comparison errorr in org.apache.tika:tika-core Moderate
CVE-2018-8017 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
MarkLee131
Apache Commons Compress vulnerable to denial of service due to infinite loop Moderate
CVE-2018-1324 was published for com.liferay:com.liferay.portal.tools.bundle.support (Maven) Mar 14, 2019
wtwhite MarkLee131
MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop... Moderate Unreviewed
CVE-2023-50120 was published Jan 10, 2024
A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software... Moderate Unreviewed
CVE-2023-20200 was published Aug 23, 2023
When calling bson_utf8_validate on some inputs a loop with an exit condition that cannot be... Moderate Unreviewed
CVE-2023-0437 was published Jan 12, 2024
A user authorized to perform database queries may trigger denial of service by issuing specially... Moderate Unreviewed
CVE-2018-20803 was published May 24, 2022
IPAddress Infinite Loop vulnerability (Disputed) Moderate
CVE-2023-50570 was published for com.github.seancfoley:ipaddress (Maven) Dec 29, 2023 withdrawn
mike-jumper
Possible Infinite Loop when PdfWriter(clone_from) is used with a PDF Moderate
CVE-2023-46250 was published for pypdf (pip) Oct 31, 2023
Alexhuszagh
avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a... Moderate Unreviewed
CVE-2011-1002 was published May 17, 2022
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird... Moderate Unreviewed
CVE-2006-6499 was published May 1, 2022
Loop with Unreachable Exit Condition in Jenkins Moderate
CVE-2018-1000864 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Infinite Loop in Jenkins Core Moderate
CVE-2018-1999044 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
pypdf and PyPDF2 possible Infinite Loop when a comment isn't followed by a character Moderate
CVE-2023-36464 was published for PyPDF2 (pip) Jun 30, 2023
exiledkingcc
OpenFGA Vulnerable to DoS from circular relationship definitions Moderate
CVE-2023-43645 was published for github.com/openfga/openfga (Go) Sep 28, 2023
A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications... Moderate Unreviewed
CVE-2023-20116 was published Jun 28, 2023
OpenFGA vulnerable to denial of service due to circular relationship Moderate
CVE-2023-35933 was published for github.com/openfga/openfga (Go) Jun 28, 2023
PyPDF2 vulnerable to possible Infinite Loop when reading malformed objects Moderate
CVE-2023-36807 was published for PyPDF2 (pip) Jun 30, 2023
MartinThoma
Infinite certificate chain depth results in OctoRPKI running forever Moderate
CVE-2021-3908 was published for github.com/cloudflare/cfrpki (Go) Nov 10, 2021
andrewpollock
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database