Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

167 advisories

Loading
In ims service, there is a possible system crash due to incorrect error handling. This could lead... High Unreviewed
CVE-2025-20678 was published Jun 2, 2025
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive... High Unreviewed
CVE-2024-8176 was published Mar 14, 2025
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via... Moderate Unreviewed
CVE-2022-25313 was published Feb 19, 2022
In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a... High Unreviewed
CVE-2025-30193 was published May 20, 2025
In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion... High Unreviewed
CVE-2017-11164 was published May 13, 2022
In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause... High Unreviewed
CVE-2017-9766 was published May 13, 2022
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of... High Unreviewed
CVE-2017-9438 was published May 13, 2022
VisiCut 2.1 allows stack consumption via an XML document with nested set elements, as... Low Unreviewed
CVE-2025-43708 was published Apr 17, 2025
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a... Moderate Unreviewed
CVE-2007-1285 was published May 1, 2022
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS... High Unreviewed
CVE-2023-22617 was published Jan 21, 2023
An issue was discovered in Datalust Seq before 2024.3.13545. An insecure default parsing depth... Moderate Unreviewed
CVE-2024-58102 was published Mar 11, 2025
Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows... High Unreviewed
CVE-2025-1492 was published Feb 20, 2025
A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted... Low Unreviewed
CVE-2024-57257 was published Feb 19, 2025
cpdf through 2.8 allows stack consumption via a crafted PDF document. Moderate Unreviewed
CVE-2024-54731 was published Jan 8, 2025
In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion ... Moderate Unreviewed
CVE-2024-53090 was published Nov 21, 2024
In Faust 2.23.1, an input file with the lines "// r visualisation tCst" and "//process = +: L:... High Unreviewed
CVE-2021-41737 was published Nov 11, 2024
GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of... High Unreviewed
CVE-2024-0208 was published Jan 3, 2024
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or... High Unreviewed
CVE-2024-0211 was published Jan 3, 2024
In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive -... Moderate Unreviewed
CVE-2024-44996 was published Sep 4, 2024
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in... Moderate Unreviewed
CVE-2019-6131 was published May 13, 2022
Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic... High Unreviewed
CVE-2024-34158 was published Sep 6, 2024
LinuxServer.io Heimdall before 2.5.7 does not prevent use of icons that have non-image data such... Critical Unreviewed
CVE-2023-51803 was published Apr 1, 2024
In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion... Low Unreviewed
CVE-2024-7866 was published Aug 15, 2024
HDF5 Library through 1.14.3 allows stack consumption in the function H5E_printf_stack in H5Eint.c. High Unreviewed
CVE-2024-32609 was published May 14, 2024
An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x... Moderate Unreviewed
CVE-2020-28242 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database