GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,408

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

156 advisories

Filter by severity

Sort by

Least recently updated

ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects... High Unreviewed

CVE-2021-42717 was published Dec 8, 2021

GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust... Moderate Unreviewed

CVE-2021-46195 was published Jan 15, 2022

The comment function in YzmCMS v6.3 was discovered as being able to be operated concurrently,... Moderate Unreviewed

CVE-2022-23889 was published Jan 29, 2022

Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager,... High Unreviewed

CVE-2022-28773 was published Apr 13, 2022

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a... Moderate Unreviewed

CVE-2007-1285 was published May 1, 2022

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack... Moderate Unreviewed

CVE-2019-9071 was published May 13, 2022

An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream:... High Unreviewed

CVE-2019-9545 was published May 13, 2022

An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream:... High Unreviewed

CVE-2019-9543 was published May 13, 2022

Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could... Moderate Unreviewed

CVE-2018-0739 was published May 13, 2022

An issue was discovered in lib\cdt\dttree.c in libcdt.a in graphviz 2.40.1. Stack consumption... Moderate Unreviewed

CVE-2019-9904 was published May 13, 2022

An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1... High Unreviewed

CVE-2018-6003 was published May 13, 2022

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of... High Unreviewed

CVE-2017-9438 was published May 13, 2022

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion... High Unreviewed

CVE-2017-11164 was published May 13, 2022

Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an... High Unreviewed

CVE-2019-0001 was published May 13, 2022

EOSIO/eos eos version after commit f1545dd0ae2b77580c2236fdb70ae7138d2c7168 contains a stack... Critical Unreviewed

CVE-2018-1000618 was published May 13, 2022

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An... Moderate Unreviewed

CVE-2018-1158 was published May 13, 2022

In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild... Moderate Unreviewed

CVE-2018-18020 was published May 13, 2022

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.... Moderate Unreviewed

CVE-2018-18484 was published May 13, 2022

The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has infinite recursion. Moderate Unreviewed

CVE-2019-11024 was published May 13, 2022

FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a... Moderate Unreviewed

CVE-2019-11026 was published May 13, 2022

svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in... Moderate Unreviewed

CVE-2019-6131 was published May 13, 2022

The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows... Moderate Unreviewed

CVE-2019-6285 was published May 13, 2022

An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02.... Moderate Unreviewed

CVE-2019-6290 was published May 13, 2022

An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14... Moderate Unreviewed

CVE-2019-6291 was published May 13, 2022

An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack... Moderate Unreviewed

CVE-2019-6292 was published May 13, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

156 advisories