Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

573 advisories

Loading
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service ... Moderate Unreviewed
CVE-2018-14567 was published May 13, 2022
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause... Moderate Unreviewed
CVE-2017-8112 was published May 13, 2022
The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause... High Unreviewed
CVE-2017-9122 was published May 13, 2022
A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid... Moderate Unreviewed
CVE-2019-3819 was published May 13, 2022
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in... High Unreviewed
CVE-2019-3833 was published May 13, 2022
LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop... High Unreviewed
CVE-2018-20021 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop... High Unreviewed
CVE-2018-7421 was published May 13, 2022
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator)... Moderate Unreviewed
CVE-2017-5987 was published May 13, 2022
QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local... Moderate Unreviewed
CVE-2017-9375 was published May 13, 2022
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0... Moderate Unreviewed
CVE-2017-6505 was published May 13, 2022
QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is... Moderate Unreviewed
CVE-2016-9776 was published May 13, 2022
The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS... Moderate Unreviewed
CVE-2016-7909 was published May 13, 2022
The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly... Moderate Unreviewed
CVE-2016-7908 was published May 13, 2022
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite... Moderate Unreviewed
CVE-2016-1981 was published May 13, 2022
QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest... Moderate Unreviewed
CVE-2017-9310 was published May 13, 2022
An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18... High Unreviewed
CVE-2018-5813 was published May 13, 2022
In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload... Moderate Unreviewed
CVE-2017-14058 was published May 13, 2022
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows... Moderate Unreviewed
CVE-2018-19840 was published May 13, 2022
Loop with Unreachable Exit Condition in Netty High
CVE-2016-4970 was published for io.netty:netty-handler (Maven) May 13, 2022
sharonbz
An issue was discovered in cairo 1.16.0. There is an infinite loop in the function... Moderate Unreviewed
CVE-2019-6462 was published May 13, 2022
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and... Moderate Unreviewed
CVE-2018-20467 was published May 13, 2022
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote... High Unreviewed
CVE-2017-16944 was published May 13, 2022
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows... Critical Unreviewed
CVE-2018-20784 was published May 13, 2022
Loop with Unreachable Exit Condition in Apache CXF Moderate
CVE-2014-3584 was published for org.apache.cxf:cxf-rt-frontend-jaxrs (Maven) May 13, 2022
sunSUNQ SunBK201
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to... High Unreviewed
CVE-2017-13728 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database