GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
hickory-proto: NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses
High
GHSA-3v94-mw7p-v465
was published
for
hickory-net
(Rust)
May 7, 2026
netavark has incorrect error handling for malformed tcp packets
High
CVE-2026-35406
was published
for
netavark
(Rust)
Apr 7, 2026
quiche connection ID retirement can trigger an infinite loop
High
CVE-2025-7054
was published
for
quiche
(Rust)
Aug 7, 2025
Duplicate Advisory: Low severity (DoS) vulnerability in sequoia-openpgp
Low
GHSA-g97w-mw7g-v3jv
was published
for
sequoia-openpgp
(Rust)
Jul 27, 2025
•
withdrawn
SurrealDB CPU exhaustion via custom functions result in total DoS
High
GHSA-pxw4-94j3-v9pf
was published
for
surrealdb
(Rust)
Apr 11, 2025
Low severity (DoS) vulnerability in sequoia-openpgp
Low
CVE-2024-58261
was published
for
sequoia-openpgp
(Rust)
Jun 26, 2024
Denial of Service Vulnerability in Rustls Library
High
CVE-2024-32650
was published
for
rustls
(Rust)
Apr 19, 2024
Candid infinite decoding loop through specially crafted payload
High
CVE-2023-6245
was published
for
candid
(Rust)
Dec 8, 2023
linux-loader reading beyond EOF could lead to infinite loop
Low
CVE-2022-23523
was published
for
linux-loader
(Rust)
Dec 12, 2022
kamadak-exif vulnerable to Infinite loop when parsing PNG files
Moderate
CVE-2021-21235
was published
for
kamadak-exif
(Rust)
Oct 6, 2022
Apache Avro Rust SDK vulnerable to reader looping in cycle endlessly, consuming CPU
High
CVE-2022-35724
was published
for
apache-avro
(Rust)
Aug 10, 2022
Routinator infinite loop vulnerability
High
CVE-2021-43172
was published
for
routinator
(Rust)
May 24, 2022
openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates
High
CVE-2022-0778
was published
for
openssl-src
(Rust)
Mar 16, 2022
Invalid handling of `X509_verify_cert()` internal errors in libssl
High
CVE-2021-4044
was published
for
openssl-src
(Rust)
Dec 15, 2021
Integer Overflow/Infinite Loop in the http crate
High
CVE-2020-25574
was published
for
http
(Rust)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API