GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
511 advisories
Filter by severity
Soot Infinite Loop vulnerability
High
CVE-2023-46442
was published
for
org.soot-oss:soot
(Maven)
May 24, 2024
MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3...
Moderate
Unreviewed
CVE-2024-4854
was published
May 14, 2024
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
Moderate
CVE-2024-30172
was published
for
BouncyCastle
(Maven)
May 14, 2024
Vitess vulnerable to infinite memory consumption and vtgate crash
Moderate
CVE-2024-32886
was published
for
github.com/vitessio/vitess
(Go)
May 8, 2024
aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests
High
CVE-2024-30251
was published
for
aiohttp
(pip)
May 3, 2024
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA)...
High
Unreviewed
CVE-2024-20353
was published
Apr 24, 2024
Denial of Service Vulnerability in Rustls Library
High
CVE-2024-32650
was published
for
rustls
(Rust)
Apr 19, 2024
Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite...
Moderate
Unreviewed
CVE-2024-2397
was published
Apr 12, 2024
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache NimBLE.
...
Unknown
Unreviewed
CVE-2024-24746
was published
Apr 6, 2024
CodeIgniter4 DoS Vulnerability
High
CVE-2024-29904
was published
for
codeigniter4/framework
(Composer)
Mar 29, 2024
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that...
High
Unreviewed
CVE-2024-1931
was published
Mar 7, 2024
Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON
Moderate
CVE-2024-24786
was published
for
google.golang.org/protobuf
(Go)
Mar 6, 2024
In the Linux kernel, the following vulnerability has been resolved:
x86/fpu: Stop relying on...
Moderate
Unreviewed
CVE-2024-26603
was published
Feb 26, 2024
Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file
High
CVE-2024-25710
was published
for
org.apache.commons:commons-compress
(Maven)
Feb 19, 2024
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop...
Critical
Unreviewed
CVE-2021-42143
was published
Jan 24, 2024
An infinite loop issue discovered in Mathtex 1.05 and before allows a remote attackers to consume...
High
Unreviewed
CVE-2023-51890
was published
Jan 24, 2024
EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN...
High
Unreviewed
CVE-2023-45233
was published
Jan 16, 2024
EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown...
High
Unreviewed
CVE-2023-45232
was published
Jan 16, 2024
When calling bson_utf8_validate on some inputs a loop with an exit condition that cannot be...
Moderate
Unreviewed
CVE-2023-0437
was published
Jan 12, 2024
MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop...
Moderate
Unreviewed
CVE-2023-50120
was published
Jan 10, 2024
An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an...
Moderate
Unreviewed
CVE-2023-47997
was published
Jan 10, 2024
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that...
High
Unreviewed
CVE-2023-43511
was published
Jan 2, 2024
IPAddress Infinite Loop vulnerability (Disputed)
Moderate
CVE-2023-50570
was published
for
com.github.seancfoley:ipaddress
(Maven)
Dec 29, 2023
•
withdrawn
hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function
High
CVE-2023-51075
was published
for
cn.hutool:hutool-core
(Maven)
Dec 27, 2023
ProTip!
Advisories are also available from the
GraphQL API