Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

218 advisories

Loading
Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions... High Unreviewed
CVE-2019-13124 was published May 24, 2022
Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions... High Unreviewed
CVE-2019-13123 was published May 24, 2022
Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By... Moderate Unreviewed
CVE-2019-13955 was published May 24, 2022
yaml-rust 0.4.0 and earlier is affected by: Uncontrolled Recursion. The impact is: Denial of... Moderate Unreviewed
CVE-2019-1010182 was published May 24, 2022
serde serde_yaml 0.6.0 to 0.8.3 is affected by: Uncontrolled Recursion. The impact is: Denial of... Moderate Unreviewed
CVE-2019-1010183 was published May 24, 2022
In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and... Low Unreviewed
CVE-2024-3248 was published Apr 3, 2024
In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and... Low Unreviewed
CVE-2024-3247 was published Apr 3, 2024
** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29,... High Unreviewed
CVE-2019-9192 was published May 13, 2022
A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and... High Unreviewed
CVE-2024-20311 was published Mar 27, 2024
KaTeX's maxExpand bypassed by Unicode sub/superscripts Moderate
CVE-2024-28244 was published for katex (npm) Mar 25, 2024
jupenur ronkok
edemaine
KaTeX's maxExpand bypassed by `\edef` Moderate
CVE-2024-28243 was published for katex (npm) Mar 25, 2024
jupenur edemaine
orjson does not limit recursion for deeply nested JSON documents High
CVE-2024-27454 was published for orjson (pip) Feb 26, 2024
Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for... Moderate Unreviewed
CVE-2022-42321 was published Nov 1, 2022
Denial of Service in jquery High
CVE-2016-10707 was published for jQuery (RubyGems) Jan 22, 2018
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a... Moderate Unreviewed
CVE-2007-1285 was published May 1, 2022
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion,... Moderate Unreviewed
CVE-2019-15118 was published May 24, 2022
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery... High Unreviewed
CVE-2016-3627 was published May 14, 2022
Denial of Service in Page Error Handling Moderate
CVE-2021-21359 was published for typo3/cms (Composer) Mar 23, 2021
derhansen
Uncontrolled Recursion in SurrealQL Parsing Moderate
GHSA-6r8p-hpg7-825g was published for surrealdb (Rust) Jan 18, 2024
msgpackr's conversion of property names to strings can trigger infinite recursion High
CVE-2023-52079 was published for msgpackr (npm) Dec 28, 2023
o5k
Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or... High Unreviewed
CVE-2024-0210 was published Jan 3, 2024
Jenkins Token Macro Plugin's recursive token expansion results in information disclosure and DoS Moderate
CVE-2019-1003011 was published for org.jenkins-ci.plugins:token-macro (Maven) May 13, 2022
Denial of service caused by infinite recursion when parsing SVG document Moderate
CVE-2023-50251 was published for phenx/php-svg-lib (Composer) Dec 13, 2023
cod3beat
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU... High Unreviewed
CVE-2022-47374 was published Dec 12, 2023
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause... High Unreviewed
CVE-2020-23804 was published Aug 22, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database