Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

81 advisories

Loading
Infinite Loop in Apache PDFBox Moderate
CVE-2021-31812 was published for org.apache.pdfbox:pdfbox (Maven) Jun 15, 2021
Excessive Iteration Denial of Service in Apache PDFBox Moderate
CVE-2021-27807 was published for org.apache.pdfbox:pdfbox (Maven) Jun 16, 2021
Excessive Iteration in Compress High
CVE-2021-35515 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
Excessive CPU usage High
CVE-2021-39204 was published for github.com/pomerium/pomerium (Go) Sep 10, 2021
NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of... High Unreviewed
CVE-2021-39923 was published Nov 20, 2021
Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows... High Unreviewed
CVE-2021-39924 was published Nov 20, 2021
Using the Location API in a loop could have caused severe application hangs and crashes. This... Moderate Unreviewed
CVE-2021-43545 was published Dec 9, 2021
Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet... High Unreviewed
CVE-2021-4190 was published Dec 31, 2021
Improper Input Validation and Excessive Iteration in Go Facebook Thrift High
CVE-2019-3564 was published for github.com/facebook/fbthrift (Go) Feb 15, 2022
oliverchang
Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow... Moderate Unreviewed
CVE-2022-0585 was published Feb 19, 2022
A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping... High Unreviewed
CVE-2021-4021 was published Feb 25, 2022
In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e.,... Moderate Unreviewed
CVE-2019-9547 was published May 13, 2022
In libavformat/nsvdec.c in FFmpeg 2.4 and 3.3.3, a DoS in nsv_parse_NSVf_header() due to lack of... High Unreviewed
CVE-2017-14171 was published May 13, 2022
In libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, a DoS in mxf_read_index_entry_array() due to lack... High Unreviewed
CVE-2017-14170 was published May 13, 2022
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an... High Unreviewed
CVE-2017-14174 was published May 13, 2022
The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator)... Moderate Unreviewed
CVE-2016-7421 was published May 13, 2022
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of... High Unreviewed
CVE-2017-14175 was published May 13, 2022
In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of... High Unreviewed
CVE-2017-14172 was published May 13, 2022
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders... High Unreviewed
CVE-2017-17914 was published May 13, 2022
In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in... High Unreviewed
CVE-2017-12674 was published May 13, 2022
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. An attacker can trigger a long... Moderate Unreviewed
CVE-2018-11507 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop... High Unreviewed
CVE-2018-7321 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop... High Unreviewed
CVE-2018-7323 was published May 13, 2022
ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage... Moderate Unreviewed
CVE-2018-9133 was published May 13, 2022
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF. High Unreviewed
CVE-2018-11813 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API