Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,479
Maven
5,000+
npm
5,000+
NuGet
886
pip
4,740
Pub
13
RubyGems
1,031
Rust
1,225
Swift
53
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

224 advisories

Loading
A flaw was identified in the RAR5 archive decompression logic of the libarchive library,... High Unreviewed
CVE-2026-4111 was published Mar 13, 2026
It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does... High Unreviewed
CVE-2026-2219 was published Mar 7, 2026
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ixray-team ixray-1.6... High Unreviewed
CVE-2026-24831 was published Jan 27, 2026
A Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the SIP application... High Unreviewed
CVE-2026-21905 was published Jan 15, 2026
The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c... High Unreviewed
CVE-2017-12997 was published May 13, 2022
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain... High Unreviewed
CVE-2017-12995 was published May 13, 2022
The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print... High Unreviewed
CVE-2017-12990 was published May 13, 2022
The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers... High Unreviewed
CVE-2016-6301 was published May 13, 2022
Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p... High Unreviewed
CVE-2025-66252 was published Nov 26, 2025
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry... High Unreviewed
CVE-2025-8194 was published Jul 28, 2025
EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown... High Unreviewed
CVE-2023-45232 was published Jan 16, 2024
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via... High Unreviewed
CVE-2021-42260 was published May 24, 2022
EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option... High Unreviewed
CVE-2023-45233 was published Jan 16, 2024
There is a HIGH severity vulnerability affecting the CPython "zipfile" module. When... High Unreviewed
CVE-2024-8088 was published Aug 22, 2024
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of... High Unreviewed
CVE-2024-52532 was published Nov 11, 2024
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via... High Unreviewed
CVE-2023-2879 was published May 26, 2023
BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of... High Unreviewed
CVE-2023-4511 was published Aug 24, 2023
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows... High Unreviewed
CVE-2021-4184 was published Dec 31, 2021
Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service... High Unreviewed
CVE-2021-4182 was published Dec 31, 2021
Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows... High Unreviewed
CVE-2022-0586 was published Feb 15, 2022
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of... High Unreviewed
CVE-2021-4185 was published Dec 31, 2021
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or... High Unreviewed
CVE-2024-0211 was published Jan 3, 2024
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2024-20353 was published Apr 24, 2024
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE... High Unreviewed
CVE-2025-20312 was published Sep 24, 2025
This vulnerability allows any attacker to cause the PeerTube server to stop responding to... High Unreviewed
CVE-2025-32947 was published Apr 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database