Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

81 advisories

Loading
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop... High Unreviewed
CVE-2018-9261 was published May 13, 2022
Java Facebook Thrift servers would not error upon receiving messages with containers of fields of... High Unreviewed
CVE-2019-3559 was published May 24, 2022
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1... Moderate Unreviewed
CVE-2019-12973 was published May 24, 2022
In the Accounts package, there is a possible crash due to improper input validation. This could... Moderate Unreviewed
CVE-2019-9376 was published May 24, 2022
A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and... Moderate Unreviewed
CVE-2020-14303 was published May 24, 2022
A user authorized to perform database queries may trigger denial of service by issuing specially... Moderate Unreviewed
CVE-2018-20805 was published May 24, 2022
srs2.c in PostSRSd before 1.10 allows remote attackers to cause a denial of service (CPU... High Unreviewed
CVE-2020-35573 was published May 24, 2022
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU"... Moderate Unreviewed
CVE-2021-28950 was published May 24, 2022
In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive... High Unreviewed
CVE-2021-23270 was published May 24, 2022
In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL... High Unreviewed
CVE-2021-3125 was published May 24, 2022
In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386... High Unreviewed
CVE-2021-3128 was published May 24, 2022
Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability.... Moderate Unreviewed
CVE-2021-21565 was published May 24, 2022
JOSE vulnerable to resource exhaustion via specifically crafted JWE Moderate
CVE-2022-36083 was published for jose (npm) Sep 16, 2022
TomTervoort panva
Churro
OctoRPKI crashes when max iterations is reached Moderate
CVE-2022-3616 was published for github.com/cloudflare/cfrpki (Go) Oct 31, 2022
Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows... Moderate Unreviewed
CVE-2023-0411 was published Jan 26, 2023
Apache Sling Resource Merger has Excessive Iteration vulnerability High
CVE-2023-26513 was published for org.apache.sling:org.apache.sling.resourcemerger (Maven) Mar 20, 2023
LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of... Moderate Unreviewed
CVE-2023-1993 was published Apr 12, 2023
An issue was discovered in function get_gnu_verneed in rizinorg Rizin prior to 0.5.0... Moderate Unreviewed
CVE-2023-30226 was published Jul 12, 2023
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:... Moderate Unreviewed
CVE-2023-3817 was published Jul 31, 2023
Keylime's registrar vulnerable to Denial-of-service attack via a single open connection High
CVE-2023-38200 was published for keylime (pip) Aug 1, 2023
Golang TIFF decoder vulnerable to excessive CPU consumption Moderate
CVE-2023-29407 was published for golang.org/x/image (Go) Aug 2, 2023
In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server... High Unreviewed
CVE-2023-5632 was published Oct 18, 2023
Eclipse Parsson Denial of Service vulnerability Moderate
CVE-2023-4043 was published for org.eclipse.parsson:project (Maven) Nov 3, 2023
phpseclib vulnerable to denial of service High
CVE-2023-49316 was published for phpseclib/phpseclib (Composer) Nov 27, 2023
kdambekalns iekadou
Denial of service in HashiCorp Consul High
CVE-2020-25201 was published for github.com/hashicorp/consul (Go) Jan 31, 2024
ProTip! Advisories are also available from the GraphQL API