GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
197 advisories
Filter by severity
json-smart Uncontrolled Recursion vulnerabilty
High
CVE-2023-1370
was published
for
net.minidev:json-smart
(Maven)
Mar 23, 2023
golang.org/x/net/http/httpguts vulnerable to Uncontrolled Recursion
Moderate
CVE-2021-31525
was published
for
golang.org/x/net
(Go)
May 24, 2022
In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion...
Low
Unreviewed
CVE-2024-4568
was published
May 6, 2024
sqlparse parsing heavily nested list leads to Denial of Service
High
CVE-2024-4340
was published
for
sqlparse
(pip)
Apr 15, 2024
Duplicate Advisory: sqlparse parsing heavily nested list leads to Denial of Service
High
GHSA-62qf-jcq8-8gxw
was published
for
sqlparse
(pip)
Apr 30, 2024
•
withdrawn
In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers...
Moderate
Unreviewed
CVE-2019-15144
was published
May 24, 2022
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean...
High
Unreviewed
CVE-2020-12243
was published
May 24, 2022
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack...
High
Unreviewed
CVE-2020-8285
was published
May 24, 2022
CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or...
High
Unreviewed
CVE-2023-4512
was published
Aug 24, 2023
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.
Moderate
Unreviewed
CVE-2022-48545
was published
Aug 22, 2023
In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite...
Moderate
Unreviewed
CVE-2023-2664
was published
Jul 6, 2023
In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion...
Moderate
Unreviewed
CVE-2023-2663
was published
Jul 6, 2023
Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability,...
High
Unreviewed
CVE-2023-2990
was published
Jun 22, 2023
Telefnica Brasil Vivo Play (IPTV) Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of...
High
Unreviewed
CVE-2023-31893
was published
Jun 5, 2023
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types...
Moderate
Unreviewed
CVE-2019-19645
was published
May 24, 2022
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.
High
Unreviewed
CVE-2018-16452
was published
May 24, 2022
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print()...
High
Unreviewed
CVE-2018-16300
was published
May 24, 2022
Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions...
High
Unreviewed
CVE-2019-13124
was published
May 24, 2022
Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions...
High
Unreviewed
CVE-2019-13123
was published
May 24, 2022
Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By...
Moderate
Unreviewed
CVE-2019-13955
was published
May 24, 2022
yaml-rust 0.4.0 and earlier is affected by: Uncontrolled Recursion. The impact is: Denial of...
Moderate
Unreviewed
CVE-2019-1010182
was published
May 24, 2022
serde serde_yaml 0.6.0 to 0.8.3 is affected by: Uncontrolled Recursion. The impact is: Denial of...
Moderate
Unreviewed
CVE-2019-1010183
was published
May 24, 2022
In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and...
Low
Unreviewed
CVE-2024-3247
was published
Apr 3, 2024
In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and...
Low
Unreviewed
CVE-2024-3248
was published
Apr 3, 2024
ProTip!
Advisories are also available from the
GraphQL API