GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,996
Maven
5,000+
npm
3,709
NuGet
661
pip
3,348
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
829 advisories
Filter by severity
Searching Opencast may cause a denial of service
Moderate
CVE-2024-52797
was published
for
org.opencastproject:opencast-elasticsearch-impl
(Maven)
Nov 20, 2024
Litestar allows unbounded resource consumption (DoS vulnerability)
High
CVE-2024-52581
was published
for
litestar
(pip)
Nov 20, 2024
Password Pusher rate limiter can be bypassed by forging proxy headers
Moderate
CVE-2024-52796
was published
for
pwpush
(RubyGems)
Nov 20, 2024
Multiple Cisco products are affected by a vulnerability in the Ethernet Frame Decoder of the...
High
Unreviewed
CVE-2021-1285
was published
Nov 18, 2024
Bitcoin Core before 0.15.0 allows a denial of service (OOM kill of a daemon process) via a flood...
High
Unreviewed
CVE-2024-52916
was published
Nov 18, 2024
Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis...
Moderate
Unreviewed
CVE-2024-52917
was published
Nov 18, 2024
Bitcoin Core before 0.20.0 allows remote attackers to cause a denial of service (memory...
High
Unreviewed
CVE-2024-52915
was published
Nov 18, 2024
Bitcoin Core before 0.20.0 allows remote attackers to cause a denial of service (infinite loop)...
High
Unreviewed
CVE-2024-52920
was published
Nov 18, 2024
In Bitcoin Core before 0.21.0, an attacker could prevent a node from seeing a specific...
Moderate
Unreviewed
CVE-2024-52913
was published
Nov 18, 2024
In Bitcoin Core before 0.18.0, a node could be stalled for hours when processing the orphans of a...
High
Unreviewed
CVE-2024-52914
was published
Nov 18, 2024
Bitcoin-Qt in Bitcoin Core before 0.20.0 allows remote attackers to cause a denial of service ...
Moderate
Unreviewed
CVE-2024-52918
was published
Nov 18, 2024
Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service (daemon crash)...
High
Unreviewed
CVE-2019-25220
was published
Nov 18, 2024
Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit
Low
CVE-2024-21539
was published
for
@eslint/plugin-kit
(npm)
Nov 15, 2024
In lunary-ai/lunary version 1.2.7, there is a lack of rate limiting on the forgot password page,...
High
Unreviewed
CVE-2024-3760
was published
Nov 14, 2024
Missing ratelimit on passwrod resets in zenml
Moderate
CVE-2024-4311
was published
for
zenml
(pip)
Nov 14, 2024
zlib-rs stack overflow during decompression with malicious input
Moderate
GHSA-j3px-q95c-9683
was published
for
libz-rs-sys
(Rust)
Nov 14, 2024
In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due...
Moderate
Unreviewed
CVE-2024-43083
was published
Nov 13, 2024
A vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch...
High
Unreviewed
CVE-2024-48989
was published
Nov 13, 2024
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of...
Moderate
Unreviewed
CVE-2024-21994
was published
Nov 8, 2024
An issue in Espressif Esp idf v5.3.0 allows attackers to cause a Denial of Service (DoS) via a...
High
Unreviewed
CVE-2024-51428
was published
Nov 7, 2024
Apache Tomcat Allocation of Resources Without Limits or Throttling vulnerability
High
CVE-2024-38286
was published
for
org.apache.tomcat:tomcat-util
(Maven)
Nov 7, 2024
An issue in Open Networking Foundations sdran-in-a-box v.1.4.3 and onos-a1t v.0.2.3 allows a...
High
Unreviewed
CVE-2024-48809
was published
Nov 4, 2024
This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API...
High
Unreviewed
CVE-2024-51557
was published
Nov 4, 2024
A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7...
Moderate
Unreviewed
CVE-2024-10599
was published
Nov 1, 2024
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation...
Moderate
Unreviewed
CVE-2024-31152
was published
Oct 30, 2024
ProTip!
Advisories are also available from the
GraphQL API