Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

625 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: signal: restore the... Moderate Unreviewed
CVE-2024-50271 was published Nov 19, 2024
In Bitcoin Core before 0.21.0, an attacker could prevent a node from seeing a specific... Moderate Unreviewed
CVE-2024-52913 was published Nov 18, 2024
Bitcoin-Qt in Bitcoin Core before 0.20.0 allows remote attackers to cause a denial of service ... Moderate Unreviewed
CVE-2024-52918 was published Nov 18, 2024
Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis... Moderate Unreviewed
CVE-2024-52917 was published Nov 18, 2024
Missing ratelimit on passwrod resets in zenml Moderate
CVE-2024-4311 was published for zenml (pip) Nov 14, 2024
zlib-rs stack overflow during decompression with malicious input Moderate
GHSA-j3px-q95c-9683 was published for libz-rs-sys (Rust) Nov 14, 2024
inahga
Credited to inahga
In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due... Moderate Unreviewed
CVE-2024-43083 was published Nov 13, 2024
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of... Moderate Unreviewed
CVE-2024-21994 was published Nov 8, 2024
A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7... Moderate Unreviewed
CVE-2024-10599 was published Nov 1, 2024
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation... Moderate Unreviewed
CVE-2024-31152 was published Oct 30, 2024
Mattermost Server vulnerable to application crash from attacker-generated large response Moderate
CVE-2024-47401 was published for github.com/mattermost/mattermost/server/v8 (Go) Oct 29, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 17.3.6, 17.4... Moderate Unreviewed
CVE-2024-6826 was published Oct 24, 2024
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow... Moderate Unreviewed
CVE-2024-20526 was published Oct 23, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed
CVE-2024-31880 was published Oct 23, 2024
A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to... Moderate Unreviewed
CVE-2024-50311 was published Oct 22, 2024
Security Update for the OPC UA .NET Standard Stack Moderate
CVE-2024-45526 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Oct 18, 2024
Possible ReDoS vulnerability in query parameter filtering in Action Dispatch Moderate
CVE-2024-41128 was published for actionpack (RubyGems) Oct 15, 2024
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks Moderate
CVE-2024-8184 was published for org.eclipse.jetty:jetty-server (Maven) Oct 14, 2024
HRsGIT levpachmanov
Credited to HRsGIT and levpachmanov
Improper resource management in firmware of some Solidigm DC Products may allow an attacker to... Moderate Unreviewed
CVE-2024-47969 was published Oct 8, 2024
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject... Moderate Unreviewed
CVE-2024-46745 was published Sep 18, 2024
In the Linux kernel, the following vulnerability has been resolved: s390/boot: Avoid possible... Moderate Unreviewed
CVE-2024-45014 was published Sep 11, 2024
In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: use dma... Moderate Unreviewed
CVE-2024-45012 was published Sep 11, 2024
Having a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU... Moderate Unreviewed
CVE-2024-23184 was published Sep 10, 2024
An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation... Moderate Unreviewed
CVE-2024-7734 was published Sep 10, 2024
Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API alwaysmulti.cgi... Moderate Unreviewed
CVE-2024-6509 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database