Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

214 advisories

Loading
There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval:... High Unreviewed
CVE-2017-12964 was published May 13, 2022
There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc)... High Unreviewed
CVE-2017-11554 was published May 13, 2022
There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser... High Unreviewed
CVE-2017-11556 was published May 13, 2022
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4... Moderate Unreviewed
CVE-2017-0692 was published May 13, 2022
When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp... Moderate Unreviewed
CVE-2019-12213 was published May 24, 2022
poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting... Moderate Unreviewed
CVE-2017-7515 was published May 13, 2022
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix... High Unreviewed
CVE-2018-20796 was published May 13, 2022
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and... Moderate Unreviewed
CVE-2018-9138 was published May 13, 2022
An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image:... High Unreviewed
CVE-2019-9143 was published May 13, 2022
An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is... Moderate Unreviewed
CVE-2019-6293 was published May 13, 2022
An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack... Moderate Unreviewed
CVE-2019-6292 was published May 13, 2022
The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows... Moderate Unreviewed
CVE-2019-6285 was published May 13, 2022
An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02.... Moderate Unreviewed
CVE-2019-6290 was published May 13, 2022
ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects... High Unreviewed
CVE-2021-42717 was published Dec 8, 2021
An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in... High Unreviewed
CVE-2019-9144 was published May 13, 2022
An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14... Moderate Unreviewed
CVE-2019-6291 was published May 13, 2022
FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a... Moderate Unreviewed
CVE-2019-11026 was published May 13, 2022
The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has infinite recursion. Moderate Unreviewed
CVE-2019-11024 was published May 13, 2022
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.... Moderate Unreviewed
CVE-2018-18484 was published May 13, 2022
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An... Moderate Unreviewed
CVE-2018-1158 was published May 13, 2022
Data Amplification in Play Framework High
CVE-2020-26882 was published for com.typesafe.play:play (Maven) Feb 10, 2022
EOSIO/eos eos version after commit f1545dd0ae2b77580c2236fdb70ae7138d2c7168 contains a stack... Critical Unreviewed
CVE-2018-1000618 was published May 13, 2022
Uncontrolled Recursion in Play Framework High
CVE-2020-26883 was published for com.typesafe.play:play (Maven) Feb 10, 2022
XPDF v4.04 was discovered to contain a stack overflow via the function Catalog::countPageTree()... Moderate Unreviewed
CVE-2022-38334 was published Sep 16, 2022
Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an... High Unreviewed
CVE-2019-0001 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database