GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
104 advisories
Filter by severity
Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV.
Moderate
Unreviewed
CVE-2022-3222
was published
Sep 16, 2022
XPDF v4.04 was discovered to contain a stack overflow via the function Catalog::countPageTree()...
Moderate
Unreviewed
CVE-2022-38334
was published
Sep 16, 2022
A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial...
Moderate
Unreviewed
CVE-2021-3997
was published
Aug 24, 2022
Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow...
Moderate
Unreviewed
CVE-2022-1962
was published
Aug 11, 2022
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for...
Moderate
Unreviewed
CVE-2019-18854
was published
May 24, 2022
When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp...
Moderate
Unreviewed
CVE-2019-12213
was published
May 24, 2022
Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform...
Moderate
Unreviewed
CVE-2021-43519
was published
May 24, 2022
A component of the HarmonyOS has a External Control of System or Configuration Setting...
Moderate
Unreviewed
CVE-2021-22454
was published
May 24, 2022
A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call...
Moderate
Unreviewed
CVE-2021-39257
was published
May 24, 2022
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers...
Moderate
Unreviewed
CVE-2020-18898
was published
May 24, 2022
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an stack exhaustion vulnerability in the ...
Moderate
Unreviewed
CVE-2020-20213
was published
May 24, 2022
Stack overflow vulnerability in parse_array Cesanta MJS 1.20.1, allows remote attackers to cause...
Moderate
Unreviewed
CVE-2020-18392
was published
May 24, 2022
A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary...
Moderate
Unreviewed
CVE-2021-30471
was published
May 24, 2022
A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(),...
Moderate
Unreviewed
CVE-2021-30470
was published
May 24, 2022
golang.org/x/net/http/httpguts vulnerable to Uncontrolled Recursion
Moderate
CVE-2021-31525
was published
for
golang.org/x/net
(Go)
May 24, 2022
A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device...
Moderate
Unreviewed
CVE-2021-20255
was published
May 24, 2022
An issue was discovered in Xen through 4.14.x. When they require assistance from the device model...
Moderate
Unreviewed
CVE-2020-29566
was published
May 24, 2022
An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x...
Moderate
Unreviewed
CVE-2020-28242
was published
May 24, 2022
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger...
Moderate
Unreviewed
CVE-2020-25219
was published
May 24, 2022
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote...
Moderate
Unreviewed
CVE-2020-12100
was published
May 24, 2022
In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger...
Moderate
Unreviewed
CVE-2020-16094
was published
May 24, 2022
ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via...
Moderate
Unreviewed
CVE-2020-13800
was published
May 24, 2022
Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack"...
Moderate
Unreviewed
CVE-2020-12662
was published
May 24, 2022
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against...
Moderate
Unreviewed
CVE-2020-10995
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API