Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

573 advisories

Loading
x/net/html Vulnerable to DoS During HTML Parsing High
CVE-2018-17846 was published for golang.org/x/net (Go) Sep 25, 2023
OpenFGA Vulnerable to DoS from circular relationship definitions Moderate
CVE-2023-43645 was published for github.com/openfga/openfga (Go) Sep 28, 2023
asyncua vulnerable to denial of service via infinite loop High
CVE-2023-26151 was published for asyncua (pip) Oct 3, 2023
MediaWiki Denial of Service vulnerability High
CVE-2023-45363 was published for mediawiki/core (Composer) Oct 9, 2023
Rudloff
A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function.... Moderate Unreviewed
CVE-2023-43786 was published Oct 10, 2023
A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality... Moderate Unreviewed
CVE-2023-22325 was published Oct 12, 2023
An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper... High Unreviewed
CVE-2023-44181 was published Oct 13, 2023
Possible Infinite Loop when PdfWriter(clone_from) is used with a PDF Moderate
CVE-2023-46250 was published for pypdf (pip) Oct 31, 2023
Alexhuszagh
Improper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300... High Unreviewed
CVE-2023-1718 was published Nov 1, 2023
A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco... High Unreviewed
CVE-2023-20083 was published Nov 1, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16... Moderate Unreviewed
CVE-2023-5825 was published Nov 6, 2023
Cosign vulnerable to possible endless data attack from attacker-controlled registry Low
CVE-2023-46737 was published for github.com/sigstore/cosign (Go) Nov 8, 2023
AdamKorcz pdeslaur
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Sierra Wireless, Inc... High Unreviewed
CVE-2023-40458 was published Nov 30, 2023
Candid infinite decoding loop through specially crafted payload High
CVE-2023-6245 was published for candid (Rust) Dec 8, 2023
venkkatesh-sekar chenyan-dfinity
ModularSquareRoot in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of... High Unreviewed
CVE-2023-50981 was published Dec 27, 2023
hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function High
CVE-2023-51075 was published for cn.hutool:hutool-core (Maven) Dec 27, 2023
IPAddress Infinite Loop vulnerability (Disputed) Moderate
CVE-2023-50570 was published for com.github.seancfoley:ipaddress (Maven) Dec 29, 2023 withdrawn
mike-jumper
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that... High Unreviewed
CVE-2023-43511 was published Jan 2, 2024
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or... High Unreviewed
CVE-2024-0211 was published Jan 3, 2024
An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an... Moderate Unreviewed
CVE-2023-47997 was published Jan 10, 2024
MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop... Moderate Unreviewed
CVE-2023-50120 was published Jan 10, 2024
When calling bson_utf8_validate on some inputs a loop with an exit condition that cannot be... Moderate Unreviewed
CVE-2023-0437 was published Jan 12, 2024
EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown... High Unreviewed
CVE-2023-45232 was published Jan 16, 2024
EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option... High Unreviewed
CVE-2023-45233 was published Jan 16, 2024
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop... Critical Unreviewed
CVE-2021-42143 was published Jan 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database