GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
216 advisories
Filter by severity
A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary...
Moderate
Unreviewed
CVE-2021-30471
was published
May 24, 2022
golang.org/x/net/http/httpguts vulnerable to Uncontrolled Recursion
Moderate
CVE-2021-31525
was published
for
golang.org/x/net
(Go)
May 24, 2022
Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and...
High
Unreviewed
CVE-2021-27434
was published
May 24, 2022
A stack overflow in libyang <= v1.0.225 can cause a denial of service through function...
High
Unreviewed
CVE-2021-28903
was published
May 24, 2022
OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are...
High
Unreviewed
CVE-2021-27432
was published
May 24, 2022
The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a...
High
Unreviewed
CVE-2020-1898
was published
May 24, 2022
A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device...
Moderate
Unreviewed
CVE-2021-20255
was published
May 24, 2022
An issue was discovered in OSSEC 3.6.0. An uncontrolled recursion vulnerability in os_xml.c...
High
Unreviewed
CVE-2021-28040
was published
May 24, 2022
An issue was discovered in Xen through 4.14.x. When they require assistance from the device model...
Moderate
Unreviewed
CVE-2020-29566
was published
May 24, 2022
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack...
High
Unreviewed
CVE-2020-8285
was published
May 24, 2022
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via...
High
Unreviewed
CVE-2020-28196
was published
May 24, 2022
An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x...
Moderate
Unreviewed
CVE-2020-28242
was published
May 24, 2022
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger...
Moderate
Unreviewed
CVE-2020-25219
was published
May 24, 2022
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote...
Moderate
Unreviewed
CVE-2020-12100
was published
May 24, 2022
In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger...
Moderate
Unreviewed
CVE-2020-16094
was published
May 24, 2022
ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via...
Moderate
Unreviewed
CVE-2020-13800
was published
May 24, 2022
Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack"...
Moderate
Unreviewed
CVE-2020-12662
was published
May 24, 2022
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against...
Moderate
Unreviewed
CVE-2020-10995
was published
May 24, 2022
libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c,...
Moderate
Unreviewed
CVE-2020-12825
was published
May 24, 2022
A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba...
Moderate
Unreviewed
CVE-2020-10704
was published
May 24, 2022
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean...
High
Unreviewed
CVE-2020-12243
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in the resource record-parsing...
Moderate
Unreviewed
CVE-2020-6071
was published
May 24, 2022
A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union...
Moderate
Unreviewed
CVE-2019-20395
was published
May 24, 2022
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types...
Moderate
Unreviewed
CVE-2019-19645
was published
May 24, 2022
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because...
Moderate
Unreviewed
CVE-2019-18853
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API