GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,388
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,090
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,456

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

197 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match... High Unreviewed

CVE-2019-11413 was published May 24, 2022

LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass:... Moderate Unreviewed

CVE-2018-20822 was published May 24, 2022

The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service ... Moderate Unreviewed

CVE-2018-20821 was published May 24, 2022

serde serde_yaml 0.6.0 to 0.8.3 is affected by: Uncontrolled Recursion. The impact is: Denial of... Moderate Unreviewed

CVE-2019-1010183 was published May 24, 2022

yaml-rust 0.4.0 and earlier is affected by: Uncontrolled Recursion. The impact is: Denial of... Moderate Unreviewed

CVE-2019-1010182 was published May 24, 2022

Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By... Moderate Unreviewed

CVE-2019-13955 was published May 24, 2022

check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion,... Moderate Unreviewed

CVE-2019-15118 was published May 24, 2022

In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers... Moderate Unreviewed

CVE-2019-15144 was published May 24, 2022

Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. Moderate Unreviewed

CVE-2019-16163 was published May 24, 2022

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE... Moderate Unreviewed

CVE-2019-11779 was published May 24, 2022

Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions... High Unreviewed

CVE-2019-13124 was published May 24, 2022

Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions... High Unreviewed

CVE-2019-13123 was published May 24, 2022

The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print()... High Unreviewed

CVE-2018-16300 was published May 24, 2022

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. High Unreviewed

CVE-2018-16452 was published May 24, 2022

find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as... Moderate Unreviewed

CVE-2019-17450 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart... High Unreviewed

CVE-2018-4002 was published May 24, 2022

ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because... Moderate Unreviewed

CVE-2019-18853 was published May 24, 2022

alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types... Moderate Unreviewed

CVE-2019-19645 was published May 24, 2022

A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union... Moderate Unreviewed

CVE-2019-20395 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in the resource record-parsing... Moderate Unreviewed

CVE-2020-6071 was published May 24, 2022

In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean... High Unreviewed

CVE-2020-12243 was published May 24, 2022

A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba... Moderate Unreviewed

CVE-2020-10704 was published May 24, 2022

libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c,... Moderate Unreviewed

CVE-2020-12825 was published May 24, 2022

PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against... Moderate Unreviewed

CVE-2020-10995 was published May 24, 2022

Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack"... Moderate Unreviewed

CVE-2020-12662 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

197 advisories