Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

434 advisories

Loading
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage... Moderate Unreviewed
CVE-2018-5685 was published May 13, 2022
The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a... High Unreviewed
CVE-2018-5253 was published May 13, 2022
An issue was discovered in NuttX before 7.27. The function netlib_parsehttpurl() in apps/netutils... High Unreviewed
CVE-2018-20578 was published May 13, 2022
libpff_item_tree_create_node in libpff_item_tree.c in libpff before experimental-20180714 allows... Moderate Unreviewed
CVE-2018-20348 was published May 13, 2022
There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3.... Moderate Unreviewed
CVE-2018-20099 was published May 13, 2022
An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer,... High Unreviewed
CVE-2018-20103 was published May 13, 2022
FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop... High Unreviewed
CVE-2018-1999012 was published May 13, 2022
** DISPUTED ** In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop... Moderate Unreviewed
CVE-2018-19826 was published May 13, 2022
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer... Moderate Unreviewed
CVE-2018-19108 was published May 13, 2022
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0... Moderate Unreviewed
CVE-2018-18915 was published May 13, 2022
An issue has been found in dbf2txt through 2012-07-19. It is a infinite loop. Moderate Unreviewed
CVE-2018-17042 was published May 13, 2022
An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in... Moderate Unreviewed
CVE-2018-15856 was published May 13, 2022
GNU Libextractor before 1.7 contains an infinite loop vulnerability in... Moderate Unreviewed
CVE-2018-14347 was published May 13, 2022
In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a... Moderate Unreviewed
CVE-2018-14445 was published May 13, 2022
The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop. High Unreviewed
CVE-2018-14051 was published May 13, 2022
In Miniz 2.0.7, tinfl_decompress in miniz_tinfl.c has an infinite loop because sym2 and counter... High Unreviewed
CVE-2018-12913 was published May 13, 2022
An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk... Moderate Unreviewed
CVE-2018-12228 was published May 13, 2022
ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg and LoadGif. High Unreviewed
CVE-2018-11657 was published May 13, 2022
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial... Moderate Unreviewed
CVE-2018-10981 was published May 13, 2022
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted... High Unreviewed
CVE-2018-10938 was published May 13, 2022
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x... High Unreviewed
CVE-2018-10546 was published May 13, 2022
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability ... Moderate Unreviewed
CVE-2017-9461 was published May 13, 2022
A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x... High Unreviewed
CVE-2017-9358 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite... High Unreviewed
CVE-2017-9352 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite... High Unreviewed
CVE-2017-9346 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database