GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
197 advisories
The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Denial of Service...
High | Unreviewed | CVE-2019-18796 was published May 24, 2022
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an...
High | Unreviewed | CVE-2020-26575 was published May 24, 2022
** DISPUTED ** Trustwave ModSecurity 3.x through 3.0.4 allows denial of service via a special...
High | Unreviewed | CVE-2020-15598 was published May 24, 2022
lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8...
High | Unreviewed | CVE-2020-7046 was published May 24, 2022
In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an...
High | Unreviewed | CVE-2019-20421 was published May 24, 2022
A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in...
High | Unreviewed | CVE-2019-5097 was published May 24, 2022
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service...
High | Unreviewed | CVE-2019-18217 was published May 24, 2022
In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite...
High | Unreviewed | CVE-2019-16319 was published May 24, 2022
In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek...
High | Unreviewed | CVE-2019-14442 was published May 24, 2022
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and...
High | Unreviewed | CVE-2019-3900 was published May 24, 2022
In ih264d_video_decode of ih264d_api.c there is a possible resource exhaustion due to an infinite...
High | Unreviewed | CVE-2018-9444 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed...
High | Unreviewed | CVE-2018-9257 was published May 13, 2022
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject:...
High | Unreviewed | CVE-2018-8002 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite...
High | Unreviewed | CVE-2018-7332 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thread.c had an infinite...
High | Unreviewed | CVE-2018-7330 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite...
High | Unreviewed | CVE-2018-7333 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-ber.c had an infinite...
High | Unreviewed | CVE-2018-7331 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-usb.c had an infinite...
High | Unreviewed | CVE-2018-7328 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-openflow_v6.c had an...
High | Unreviewed | CVE-2018-7327 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-lltd.c had an infinite...
High | Unreviewed | CVE-2018-7326 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an...
High | Unreviewed | CVE-2018-7325 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite...
High | Unreviewed | CVE-2018-7322 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite...
High | Unreviewed | CVE-2018-7324 was published May 13, 2022
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28...
High | Unreviewed | CVE-2018-6918 was published May 13, 2022
w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the...
High | Unreviewed | CVE-2018-6196 was published May 13, 2022