Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,231 advisories

Loading
Bitcoin Core before 0.20.0 allows remote attackers to cause a denial of service (infinite loop)... High Unreviewed
CVE-2024-52920 was published Nov 18, 2024
Bitcoin-Qt in Bitcoin Core before 0.20.0 allows remote attackers to cause a denial of service ... Moderate Unreviewed
CVE-2024-52918 was published Nov 18, 2024
Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service (daemon crash)... High Unreviewed
CVE-2019-25220 was published Nov 18, 2024
Bitcoin Core before 0.15.0 allows a denial of service (OOM kill of a daemon process) via a flood... High Unreviewed
CVE-2024-52916 was published Nov 18, 2024
In Bitcoin Core before 0.18.0, a node could be stalled for hours when processing the orphans of a... High Unreviewed
CVE-2024-52914 was published Nov 18, 2024
Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis... Moderate Unreviewed
CVE-2024-52917 was published Nov 18, 2024
Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit Low
CVE-2024-21539 was published for @eslint/plugin-kit (npm) Nov 15, 2024
mariancorneci-snyk SuperMaxine
MikuroXina
In lunary-ai/lunary version 1.2.7, there is a lack of rate limiting on the forgot password page,... High Unreviewed
CVE-2024-3760 was published Nov 14, 2024
Missing ratelimit on passwrod resets in zenml Moderate
CVE-2024-4311 was published for zenml (pip) Nov 14, 2024
zlib-rs stack overflow during decompression with malicious input Moderate
GHSA-j3px-q95c-9683 was published for libz-rs-sys (Rust) Nov 14, 2024
inahga
An issue in how XINJE XD5E-24R and XL5E-16T v3.5.3b handles TCP protocol messages allows... High Unreviewed
CVE-2024-50955 was published Nov 14, 2024
In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due... Moderate Unreviewed
CVE-2024-43083 was published Nov 13, 2024
A vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch... High Unreviewed
CVE-2024-48989 was published Nov 13, 2024
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of... Moderate Unreviewed
CVE-2024-21994 was published Nov 8, 2024
An issue in Espressif Esp idf v5.3.0 allows attackers to cause a Denial of Service (DoS) via a... High Unreviewed
CVE-2024-51428 was published Nov 7, 2024
Apache Tomcat Allocation of Resources Without Limits or Throttling vulnerability High
CVE-2024-38286 was published for org.apache.tomcat:tomcat-util (Maven) Nov 7, 2024
An issue in Open Networking Foundations sdran-in-a-box v.1.4.3 and onos-a1t v.0.2.3 allows a... High Unreviewed
CVE-2024-48809 was published Nov 4, 2024
This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API... High Unreviewed
CVE-2024-51557 was published Nov 4, 2024
A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7... Moderate Unreviewed
CVE-2024-10599 was published Nov 1, 2024
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation... Moderate Unreviewed
CVE-2024-31152 was published Oct 30, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service ... High Unreviewed
CVE-2024-7807 was published Oct 29, 2024
Potential race conditions in IndexedDB could have caused memory corruption, leading to a... Critical Unreviewed
CVE-2024-10468 was published Oct 29, 2024
Mattermost Server vulnerable to application crash from attacker-generated large response Moderate
CVE-2024-47401 was published for github.com/mattermost/mattermost/server/v8 (Go) Oct 29, 2024
Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications Critical
CVE-2024-38821 was published for org.springframework.security:spring-security-web (Maven) Oct 28, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 17.3.6, 17.4... Moderate Unreviewed
CVE-2024-6826 was published Oct 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database