Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,778
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

243 advisories

Loading
Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in... Moderate Unreviewed
CVE-2011-1142 was published May 17, 2022
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote... Moderate Unreviewed
CVE-2018-9251 was published May 13, 2022
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop in the runzip_fd function of... Moderate Unreviewed
CVE-2018-9058 was published May 13, 2022
Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch... Moderate Unreviewed
CVE-2018-7453 was published May 13, 2022
An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause... Moderate Unreviewed
CVE-2018-7174 was published May 13, 2022
VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a... Moderate Unreviewed
CVE-2018-6977 was published May 13, 2022
NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers... Moderate Unreviewed
CVE-2018-6253 was published May 13, 2022
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage... Moderate Unreviewed
CVE-2018-5685 was published May 13, 2022
libpff_item_tree_create_node in libpff_item_tree.c in libpff before experimental-20180714 allows... Moderate Unreviewed
CVE-2018-20348 was published May 13, 2022
There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3.... Moderate Unreviewed
CVE-2018-20099 was published May 13, 2022
** DISPUTED ** In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop... Moderate Unreviewed
CVE-2018-19826 was published May 13, 2022
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer... Moderate Unreviewed
CVE-2018-19108 was published May 13, 2022
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0... Moderate Unreviewed
CVE-2018-18915 was published May 13, 2022
An issue has been found in dbf2txt through 2012-07-19. It is a infinite loop. Moderate Unreviewed
CVE-2018-17042 was published May 13, 2022
An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in... Moderate Unreviewed
CVE-2018-15856 was published May 13, 2022
In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a... Moderate Unreviewed
CVE-2018-14445 was published May 13, 2022
GNU Libextractor before 1.7 contains an infinite loop vulnerability in... Moderate Unreviewed
CVE-2018-14347 was published May 13, 2022
An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk... Moderate Unreviewed
CVE-2018-12228 was published May 13, 2022
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial... Moderate Unreviewed
CVE-2018-10981 was published May 13, 2022
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability ... Moderate Unreviewed
CVE-2017-9461 was published May 13, 2022
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion... Moderate Unreviewed
CVE-2017-9208 was published May 13, 2022
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion... Moderate Unreviewed
CVE-2017-9210 was published May 13, 2022
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion... Moderate Unreviewed
CVE-2017-9209 was published May 13, 2022
The my_skip_input_data_fn function in imagew-jpeg.c in libimageworsener.a in ImageWorsener 1.3.1... Moderate Unreviewed
CVE-2017-9093 was published May 13, 2022
The lzw_add_to_dict function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.1 allows... Moderate Unreviewed
CVE-2017-9094 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database