Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

49 advisories

Loading
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of... High Unreviewed
CVE-2024-0842 was published Feb 9, 2024
Denial of service in HashiCorp Consul High
CVE-2020-25201 was published for github.com/hashicorp/consul (Go) Jan 31, 2024
phpseclib vulnerable to denial of service High
CVE-2023-49316 was published for phpseclib/phpseclib (Composer) Nov 27, 2023
kdambekalns iekadou
In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server... High Unreviewed
CVE-2023-5632 was published Oct 18, 2023
Keylime's registrar vulnerable to Denial-of-service attack via a single open connection High
CVE-2023-38200 was published for keylime (pip) Aug 1, 2023
Apache Sling Resource Merger has Excessive Iteration vulnerability High
CVE-2023-26513 was published for org.apache.sling:org.apache.sling.resourcemerger (Maven) Mar 20, 2023
In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386... High Unreviewed
CVE-2021-3128 was published May 24, 2022
In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL... High Unreviewed
CVE-2021-3125 was published May 24, 2022
In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive... High Unreviewed
CVE-2021-23270 was published May 24, 2022
srs2.c in PostSRSd before 1.10 allows remote attackers to cause a denial of service (CPU... High Unreviewed
CVE-2020-35573 was published May 24, 2022
Java Facebook Thrift servers would not error upon receiving messages with containers of fields of... High Unreviewed
CVE-2019-3559 was published May 24, 2022
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop... High Unreviewed
CVE-2018-9261 was published May 13, 2022
The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 ... High Unreviewed
CVE-2017-9257 was published May 13, 2022
The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 ... High Unreviewed
CVE-2017-9256 was published May 13, 2022
The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 ... High Unreviewed
CVE-2017-9253 was published May 13, 2022
The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 ... High Unreviewed
CVE-2017-9254 was published May 13, 2022
The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 ... High Unreviewed
CVE-2017-9255 was published May 13, 2022
In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack of an EOF (End of File)... High Unreviewed
CVE-2017-14222 was published May 13, 2022
In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause... High Unreviewed
CVE-2017-14057 was published May 13, 2022
In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and... High Unreviewed
CVE-2017-14059 was published May 13, 2022
In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due to lack of an EOF (End of... High Unreviewed
CVE-2017-14055 was published May 13, 2022
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due to lack of an EOF (End of... High Unreviewed
CVE-2017-14054 was published May 13, 2022
In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of... High Unreviewed
CVE-2017-14056 was published May 13, 2022
ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c. High Unreviewed
CVE-2017-12587 was published May 13, 2022
The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a... High Unreviewed
CVE-2017-11549 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API