Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

541 advisories

Loading
Infinite Loop in Django High
CVE-2022-23833 was published for Django (pip) Feb 4, 2022
tdunlap607 MarkLee131
In the Linux kernel, the following vulnerability has been resolved: libfs: fix infinite... Moderate Unreviewed
CVE-2024-46701 was published Sep 13, 2024
In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite... Moderate Unreviewed
CVE-2021-47617 was published Jun 20, 2024
Pylons Colander Denial of Service vulnerability High
CVE-2017-18361 was published for colander (pip) Feb 7, 2019
tdunlap607
In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg... Moderate Unreviewed
CVE-2018-19777 was published May 13, 2022
In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c... Moderate Unreviewed
CVE-2018-10289 was published May 13, 2022
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the... Moderate Unreviewed
CVE-2018-5686 was published May 13, 2022
In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remap EPERM in... Moderate Unreviewed
CVE-2024-42246 was published Aug 7, 2024
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop Moderate
CVE-2024-30172 was published for BouncyCastle (Maven) May 14, 2024
levpachmanov
Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP... High Unreviewed
CVE-2024-45692 was published Sep 5, 2024
There is a HIGH severity vulnerability affecting the CPython "zipfile" module. When... High Unreviewed
CVE-2024-8088 was published Aug 22, 2024
sigstore-go has an unbounded loop over untrusted input can lead to endless data attack Low
CVE-2024-45395 was published for github.com/sigstore/sigstore-go (Go) Sep 4, 2024
AdamKorcz codysoyland
Aim denial of service vulnerability High
CVE-2024-6227 was published for aim (pip) Jul 8, 2024
Stack overflow due to looping TFLite subgraph High
CVE-2021-29591 was published for tensorflow (pip) May 21, 2021
libyaml v0.2.5 is vulnerable to DDOS. Affected by this issue is the function yaml_parser_parse of... High Unreviewed
CVE-2024-35328 was published Jun 13, 2024
Soot Infinite Loop vulnerability High
CVE-2023-46442 was published for org.soot-oss:soot (Maven) May 24, 2024
In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when... Moderate Unreviewed
CVE-2024-43828 was published Aug 17, 2024
In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite... Moderate Unreviewed
CVE-2024-41088 was published Jul 29, 2024
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache NimBLE.  ... High Unreviewed
CVE-2024-24746 was published Apr 6, 2024
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: fix... Moderate Unreviewed
CVE-2024-40995 was published Jul 12, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an... Moderate Unreviewed
CVE-2021-22197 was published May 24, 2022
In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in ... Moderate Unreviewed
CVE-2024-42240 was published Aug 7, 2024
Certain WithSecure products allow a Denial of Service because the engine scanner can go into an... High Unreviewed
CVE-2024-27359 was published Feb 26, 2024
Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA. High Unreviewed
CVE-2024-23352 was published Aug 5, 2024
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when... High Unreviewed
CVE-2024-36732 was published Jun 6, 2024
ProTip! Advisories are also available from the GraphQL API