Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

215 advisories

Loading
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image... Moderate Unreviewed
CVE-2018-5772 was published May 13, 2022
jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary... Moderate Unreviewed
CVE-2018-5759 was published May 13, 2022
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30.... Moderate Unreviewed
CVE-2018-9996 was published May 13, 2022
pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream... Moderate Unreviewed
CVE-2018-6544 was published May 13, 2022
libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name... High Unreviewed
CVE-2018-9918 was published May 13, 2022
libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c,... Moderate Unreviewed
CVE-2020-12825 was published May 24, 2022
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust... Moderate Unreviewed
CVE-2021-46195 was published Jan 15, 2022
The comment function in YzmCMS v6.3 was discovered as being able to be operated concurrently,... Moderate Unreviewed
CVE-2022-23889 was published Jan 29, 2022
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS... High Unreviewed
CVE-2023-22617 was published Jan 21, 2023
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not... High Unreviewed
CVE-2016-9597 was published May 13, 2022
In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting... Moderate Unreviewed
CVE-2022-37034 was published Feb 2, 2023
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as... Moderate Unreviewed
CVE-2019-17450 was published May 24, 2022
Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. Moderate Unreviewed
CVE-2019-16163 was published May 24, 2022
LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass:... Moderate Unreviewed
CVE-2018-20822 was published May 24, 2022
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service ... Moderate Unreviewed
CVE-2018-20821 was published May 24, 2022
Moodle vulnerable to Uncontrolled Resource Consumption High
CVE-2021-36395 was published for moodle/moodle (Composer) Mar 6, 2023
Jettison vulnerable to infinite recursion High
CVE-2023-1436 was published for org.codehaus.jettison:jettison (Maven) Mar 22, 2023
An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a... Moderate Unreviewed
CVE-2020-36691 was published Mar 24, 2023
In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion... High Unreviewed
CVE-2017-11164 was published May 13, 2022
A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial... Moderate Unreviewed
CVE-2021-3997 was published Aug 24, 2022
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Moderate Unreviewed
CVE-2022-1771 was published May 19, 2022
GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite... Moderate Unreviewed
CVE-2022-47662 was published Jan 5, 2023
Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV. Moderate Unreviewed
CVE-2022-3222 was published Sep 16, 2022
Uncontrolled recursion leads to abort in deserialization Moderate
GHSA-39vw-qp34-rmwf was published for serde_yaml (Rust) Aug 25, 2021
Uncontrolled recursion in rust-yaml High
CVE-2018-20993 was published for yaml-rust (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database