GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,990
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,744
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,538

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

85 advisories

Filter by severity

Sort by

Least recently updated

A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary... Moderate Unreviewed

CVE-2021-30471 was published May 24, 2022

A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(),... Moderate Unreviewed

CVE-2021-30470 was published May 24, 2022

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device... Moderate Unreviewed

CVE-2021-20255 was published May 24, 2022

An issue was discovered in Xen through 4.14.x. When they require assistance from the device model... Moderate Unreviewed

CVE-2020-29566 was published May 24, 2022

An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x... Moderate Unreviewed

CVE-2020-28242 was published May 24, 2022

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger... Moderate Unreviewed

CVE-2020-25219 was published May 24, 2022

In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote... Moderate Unreviewed

CVE-2020-12100 was published May 24, 2022

In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger... Moderate Unreviewed

CVE-2020-16094 was published May 24, 2022

ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via... Moderate Unreviewed

CVE-2020-13800 was published May 24, 2022

Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack"... Moderate Unreviewed

CVE-2020-12662 was published May 24, 2022

PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against... Moderate Unreviewed

CVE-2020-10995 was published May 24, 2022

libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c,... Moderate Unreviewed

CVE-2020-12825 was published May 24, 2022

A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba... Moderate Unreviewed

CVE-2020-10704 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in the resource record-parsing... Moderate Unreviewed

CVE-2020-6071 was published May 24, 2022

A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union... Moderate Unreviewed

CVE-2019-20395 was published May 24, 2022

alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types... Moderate Unreviewed

CVE-2019-19645 was published May 24, 2022

ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because... Moderate Unreviewed

CVE-2019-18853 was published May 24, 2022

find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as... Moderate Unreviewed

CVE-2019-17450 was published May 24, 2022

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE... Moderate Unreviewed

CVE-2019-11779 was published May 24, 2022

Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. Moderate Unreviewed

CVE-2019-16163 was published May 24, 2022

In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers... Moderate Unreviewed

CVE-2019-15144 was published May 24, 2022

check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion,... Moderate Unreviewed

CVE-2019-15118 was published May 24, 2022

Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By... Moderate Unreviewed

CVE-2019-13955 was published May 24, 2022

yaml-rust 0.4.0 and earlier is affected by: Uncontrolled Recursion. The impact is: Denial of... Moderate Unreviewed

CVE-2019-1010182 was published May 24, 2022

serde serde_yaml 0.6.0 to 0.8.3 is affected by: Uncontrolled Recursion. The impact is: Denial of... Moderate Unreviewed

CVE-2019-1010183 was published May 24, 2022

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

85 advisories