GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
198 advisories
The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop...
High · Unreviewed · CVE-2017-11446 was published May 13, 2022

The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0...
High · Unreviewed · CVE-2017-11478 was published May 13, 2022

In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite...
High · Unreviewed · CVE-2017-11406 was published May 13, 2022

The ExifImageFile::readImage function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote...
High · Unreviewed · CVE-2017-11118 was published May 13, 2022

An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion...
High · Unreviewed · CVE-2017-10985 was published May 13, 2022

An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()...
High · Unreviewed · CVE-2017-10986 was published May 13, 2022

An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2. With the port to...
High · Unreviewed · CVE-2018-14621 was published May 13, 2022

A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions...
High · Unreviewed · CVE-2018-1041 was published May 13, 2022

The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in...
High · Unreviewed · CVE-2018-5381 was published May 13, 2022

** DISPUTED ** The deserialize function in serialize-to-js through 1.1.1 allows attackers to...
High · Unreviewed · CVE-2017-15871 was published May 13, 2022

sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop.
High · Unreviewed · CVE-2018-11365 was published May 13, 2022

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector...
High · Unreviewed · CVE-2018-14368 was published May 13, 2022

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite...
High · Unreviewed · CVE-2018-19622 was published May 13, 2022

In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function...
High · Unreviewed · CVE-2017-17681 was published May 13, 2022

The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote...
High · Unreviewed · CVE-2017-8871 was published May 13, 2022

In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS (Multicast DNS) packet triggers an...
High · Unreviewed · CVE-2019-9747 was published May 13, 2022

In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed...
High · Unreviewed · CVE-2019-10897 was published May 13, 2022

In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan...
High · Unreviewed · CVE-2019-10898 was published May 13, 2022

In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan...
High · Unreviewed · CVE-2019-10900 was published May 13, 2022

An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions...
High · Unreviewed · CVE-2018-5818 was published May 13, 2022

libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing...
High · Unreviewed · CVE-2018-16789 was published May 13, 2022

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the...
High · Unreviewed · CVE-2017-18271 was published May 13, 2022

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the...
High · Unreviewed · CVE-2017-18273 was published May 13, 2022

The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause...
High · Unreviewed · CVE-2017-9122 was published May 13, 2022

Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in...
High · Unreviewed · CVE-2019-3833 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.