Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

103 advisories

Loading
Denial of Service in mqtt Moderate
CVE-2017-10910 was published for mqtt (npm) Dec 28, 2017
Denial of Service in Page Error Handling Moderate
CVE-2021-21359 was published for typo3/cms (Composer) Mar 23, 2021
derhansen
Denial of Service in Elasticsearch Moderate
CVE-2021-22144 was published for org.elasticsearch:elasticsearch (Maven) Aug 9, 2021
Uncontrolled recursion leads to abort in deserialization Moderate
GHSA-39vw-qp34-rmwf was published for serde_yaml (Rust) Aug 25, 2021
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust... Moderate Unreviewed
CVE-2021-46195 was published Jan 15, 2022
The comment function in YzmCMS v6.3 was discovered as being able to be operated concurrently,... Moderate Unreviewed
CVE-2022-23889 was published Jan 29, 2022
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a... Moderate Unreviewed
CVE-2007-1285 was published May 1, 2022
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack... Moderate Unreviewed
CVE-2019-9071 was published May 13, 2022
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could... Moderate Unreviewed
CVE-2018-0739 was published May 13, 2022
An issue was discovered in lib\cdt\dttree.c in libcdt.a in graphviz 2.40.1. Stack consumption... Moderate Unreviewed
CVE-2019-9904 was published May 13, 2022
Jenkins Token Macro Plugin's recursive token expansion results in information disclosure and DoS Moderate
CVE-2019-1003011 was published for org.jenkins-ci.plugins:token-macro (Maven) May 13, 2022
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An... Moderate Unreviewed
CVE-2018-1158 was published May 13, 2022
In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild... Moderate Unreviewed
CVE-2018-18020 was published May 13, 2022
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.... Moderate Unreviewed
CVE-2018-18484 was published May 13, 2022
The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has infinite recursion. Moderate Unreviewed
CVE-2019-11024 was published May 13, 2022
FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a... Moderate Unreviewed
CVE-2019-11026 was published May 13, 2022
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in... Moderate Unreviewed
CVE-2019-6131 was published May 13, 2022
The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows... Moderate Unreviewed
CVE-2019-6285 was published May 13, 2022
An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02.... Moderate Unreviewed
CVE-2019-6290 was published May 13, 2022
An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14... Moderate Unreviewed
CVE-2019-6291 was published May 13, 2022
An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack... Moderate Unreviewed
CVE-2019-6292 was published May 13, 2022
An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is... Moderate Unreviewed
CVE-2019-6293 was published May 13, 2022
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and... Moderate Unreviewed
CVE-2018-9138 was published May 13, 2022
poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting... Moderate Unreviewed
CVE-2017-7515 was published May 13, 2022
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. Due to an... Moderate Unreviewed
CVE-2017-0886 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database