GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
281 advisories
In OpenWrt 19.07.x before 19.07.7, when IPv6 is used, a routing loop can occur that generates...
Moderate | Unreviewed | CVE-2021-22161 was published May 24, 2022
In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address (VGA) is configured...
Moderate | Unreviewed | CVE-2021-0221 was published May 24, 2022
GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw...
Moderate | Unreviewed | CVE-2020-29385 was published May 24, 2022
hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer...
Moderate | Unreviewed | CVE-2020-28916 was published May 24, 2022
A user authorized to perform database queries may trigger denial of service by issuing specially...
Moderate | Unreviewed | CVE-2018-20803 was published May 24, 2022
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among...
Moderate | Unreviewed | CVE-2020-16127 was published May 24, 2022
An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel...
Moderate | Unreviewed | CVE-2020-27152 was published May 24, 2022
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A...
Moderate | Unreviewed | CVE-2020-25641 was published May 24, 2022
hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.
Moderate | Unreviewed | CVE-2020-25625 was published May 24, 2022
In Threshold::getHistogram of ImageProcessHelper.java, there is a possible crash loop due to an...
Moderate | Unreviewed | CVE-2020-0247 was published May 24, 2022
When in an endless loop, a website specifying a custom cursor using CSS could make it look like...
Moderate | Unreviewed | CVE-2020-15654 was published May 24, 2022
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to...
Moderate | Unreviewed | CVE-2019-20907 was published May 24, 2022
In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was...
Moderate | Unreviewed | CVE-2020-15466 was published May 24, 2022
An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes...
Moderate | Unreviewed | CVE-2020-14398 was published May 24, 2022
ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via...
Moderate | Unreviewed | CVE-2020-13800 was published May 24, 2022
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
Moderate | Unreviewed | CVE-2020-12663 was published May 24, 2022
The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a...
Moderate | Unreviewed | CVE-2015-5278 was published May 24, 2022
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attackers to cause a...
Moderate | Unreviewed | CVE-2015-5239 was published May 24, 2022
In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource...
Moderate | Unreviewed | CVE-2020-1600 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality...
Moderate | Unreviewed | CVE-2019-5091 was published May 24, 2022
Improper Check for filenames with overly long extensions in PostMaster (sending in email) or...
Moderate | Unreviewed | CVE-2019-18180 was published May 24, 2022
When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid...
Moderate | Unreviewed | CVE-2019-19451 was published May 24, 2022
Designate does not enforce the DNS protocol limit concerning record set sizes
Moderate | CVE-2015-5694 was published for designate (pip) May 24, 2022
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of...
Moderate | Unreviewed | CVE-2019-17350 was published May 24, 2022
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of...
Moderate | Unreviewed | CVE-2019-17349 was published May 24, 2022