Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

31 advisories

Loading
Infinite Loop in Apache PDFBox Moderate
CVE-2021-31812 was published for org.apache.pdfbox:pdfbox (Maven) Jun 15, 2021
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1... Moderate Unreviewed
CVE-2019-12973 was published May 24, 2022
In the Accounts package, there is a possible crash due to improper input validation. This could... Moderate Unreviewed
CVE-2019-9376 was published May 24, 2022
Using the Location API in a loop could have caused severe application hangs and crashes. This... Moderate Unreviewed
CVE-2021-43545 was published Dec 9, 2021
A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and... Moderate Unreviewed
CVE-2020-14303 was published May 24, 2022
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU"... Moderate Unreviewed
CVE-2021-28950 was published May 24, 2022
Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow... Moderate Unreviewed
CVE-2022-0585 was published Feb 19, 2022
Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability.... Moderate Unreviewed
CVE-2021-21565 was published May 24, 2022
In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e.,... Moderate Unreviewed
CVE-2019-9547 was published May 13, 2022
Excessive Iteration Denial of Service in Apache PDFBox Moderate
CVE-2021-27807 was published for org.apache.pdfbox:pdfbox (Maven) Jun 16, 2021
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. An attacker can trigger a long... Moderate Unreviewed
CVE-2018-11507 was published May 13, 2022
ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage... Moderate Unreviewed
CVE-2018-9133 was published May 13, 2022
The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability... Moderate Unreviewed
CVE-2017-11360 was published May 13, 2022
In M3UParser::parse of M3UParser.cpp, there is a memory resource exhaustion due to a large loop... Moderate Unreviewed
CVE-2017-13279 was published May 13, 2022
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to... Moderate Unreviewed
CVE-2017-2330 was published May 13, 2022
An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to... Moderate Unreviewed
CVE-2018-18651 was published May 13, 2022
libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has a large loop in the... Moderate Unreviewed
CVE-2018-5252 was published May 13, 2022
Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows... Moderate Unreviewed
CVE-2023-0411 was published Jan 26, 2023
The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator)... Moderate Unreviewed
CVE-2016-7421 was published May 13, 2022
JOSE vulnerable to resource exhaustion via specifically crafted JWE Moderate
CVE-2022-36083 was published for jose (npm) Sep 16, 2022
TomTervoort panva
Churro
OctoRPKI crashes when max iterations is reached Moderate
CVE-2022-3616 was published for github.com/cloudflare/cfrpki (Go) Oct 31, 2022
Eclipse Parsson Denial of Service vulnerability Moderate
CVE-2023-4043 was published for org.eclipse.parsson:project (Maven) Nov 3, 2023
A user authorized to perform database queries may trigger denial of service by issuing specially... Moderate Unreviewed
CVE-2018-20805 was published May 24, 2022
Liferay Portal denial-of-service vulnerability Moderate
CVE-2024-25144 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 8, 2024
LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of... Moderate Unreviewed
CVE-2023-1993 was published Apr 12, 2023
ProTip! Advisories are also available from the GraphQL API