GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
66 advisories
Filter by severity
Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic...
High
Unreviewed
CVE-2024-34158
was published
Sep 6, 2024
Secure Boot Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-37973
was published
Jul 9, 2024
HDF5 Library through 1.14.3 allows stack consumption in the function H5E_printf_stack in H5Eint.c.
High
Unreviewed
CVE-2024-32609
was published
May 14, 2024
A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and...
High
Unreviewed
CVE-2024-20311
was published
Mar 27, 2024
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or...
High
Unreviewed
CVE-2024-0211
was published
Jan 3, 2024
GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of...
High
Unreviewed
CVE-2024-0208
was published
Jan 3, 2024
Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or...
High
Unreviewed
CVE-2024-0210
was published
Jan 3, 2024
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU...
High
Unreviewed
CVE-2022-47374
was published
Dec 12, 2023
CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or...
High
Unreviewed
CVE-2023-4512
was published
Aug 24, 2023
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause...
High
Unreviewed
CVE-2020-23804
was published
Aug 22, 2023
Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability,...
High
Unreviewed
CVE-2023-2990
was published
Jun 22, 2023
Telefnica Brasil Vivo Play (IPTV) Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of...
High
Unreviewed
CVE-2023-31893
was published
Jun 5, 2023
A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO...
High
Unreviewed
CVE-2023-24472
was published
Mar 30, 2023
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS...
High
Unreviewed
CVE-2023-22617
was published
Jan 21, 2023
Mastodon through 4.0.2 allows attackers to cause a denial of service (large Sidekiq pull queue)...
High
Unreviewed
CVE-2022-46405
was published
Dec 4, 2022
It was possible to trigger an infinite recursion condition in the error handler when Hermes...
High
Unreviewed
CVE-2022-27810
was published
Oct 7, 2022
A vulnerability has been found in Nintendo Game Boy Color and classified as problematic. This...
High
Unreviewed
CVE-2022-3216
was published
Sep 15, 2022
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of...
High
Unreviewed
CVE-2022-23460
was published
Aug 20, 2022
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an...
High
Unreviewed
CVE-2022-30631
was published
Aug 11, 2022
Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows...
High
Unreviewed
CVE-2022-30635
was published
Aug 11, 2022
Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an...
High
Unreviewed
CVE-2022-30633
was published
Aug 11, 2022
Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an...
High
Unreviewed
CVE-2022-30632
was published
Aug 11, 2022
Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to...
High
Unreviewed
CVE-2022-30630
was published
Aug 11, 2022
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an...
High
Unreviewed
CVE-2022-28131
was published
Aug 11, 2022
In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could...
High
Unreviewed
CVE-2019-12295
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API