GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,144
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,760
NuGet 678
pip 3,446
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,536

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

159 advisories

Filter by severity

Sort by

Least recently updated

When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp... Moderate Unreviewed

CVE-2019-12213 was published May 24, 2022

Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3... High Unreviewed

CVE-2021-39929 was published May 24, 2022

Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform... Moderate Unreviewed

CVE-2021-43519 was published May 24, 2022

A component of the HarmonyOS has a External Control of System or Configuration Setting... Moderate Unreviewed

CVE-2021-22454 was published May 24, 2022

A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call... Moderate Unreviewed

CVE-2021-39257 was published May 24, 2022

A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers... Moderate Unreviewed

CVE-2020-18898 was published May 24, 2022

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption... High Unreviewed

CVE-2021-38569 was published May 24, 2022

uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter... High Unreviewed

CVE-2021-36773 was published May 24, 2022

Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an stack exhaustion vulnerability in the ... Moderate Unreviewed

CVE-2020-20213 was published May 24, 2022

An unlimited recursion in DxeCore in EDK II. High Unreviewed

CVE-2021-28210 was published May 24, 2022

A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed... High Unreviewed

CVE-2021-3530 was published May 24, 2022

Stack overflow vulnerability in parse_array Cesanta MJS 1.20.1, allows remote attackers to cause... Moderate Unreviewed

CVE-2020-18392 was published May 24, 2022

A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(),... Moderate Unreviewed

CVE-2021-30470 was published May 24, 2022

A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary... Moderate Unreviewed

CVE-2021-30471 was published May 24, 2022

Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and... High Unreviewed

CVE-2021-27434 was published May 24, 2022

A stack overflow in libyang <= v1.0.225 can cause a denial of service through function... High Unreviewed

CVE-2021-28903 was published May 24, 2022

OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are... High Unreviewed

CVE-2021-27432 was published May 24, 2022

The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a... High Unreviewed

CVE-2020-1898 was published May 24, 2022

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device... Moderate Unreviewed

CVE-2021-20255 was published May 24, 2022

An issue was discovered in OSSEC 3.6.0. An uncontrolled recursion vulnerability in os_xml.c... High Unreviewed

CVE-2021-28040 was published May 24, 2022

An issue was discovered in Xen through 4.14.x. When they require assistance from the device model... Moderate Unreviewed

CVE-2020-29566 was published May 24, 2022

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack... High Unreviewed

CVE-2020-8285 was published May 24, 2022

An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x... Moderate Unreviewed

CVE-2020-28242 was published May 24, 2022

MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via... High Unreviewed

CVE-2020-28196 was published May 24, 2022

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger... Moderate Unreviewed

CVE-2020-25219 was published May 24, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

159 advisories