GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
588 advisories
Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise...
High | Unreviewed | CVE-2024-30156 was published Mar 24, 2024

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low | Unreviewed | CVE-2024-21011 was published Apr 17, 2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). ...
Moderate | Unreviewed | CVE-2024-20968 was published Feb 17, 2024

OpenLiteSpeed before 1.8.1 mishandles chunked encoding.
Moderate | Unreviewed | CVE-2024-31617 was published May 22, 2024

Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis...
Moderate | Unreviewed | CVE-2024-52917 was published Nov 18, 2024

Bitcoin Core before 0.20.0 allows remote attackers to cause a denial of service (memory...
High | Unreviewed | CVE-2024-52915 was published Nov 18, 2024

In Bitcoin Core before 0.21.0, an attacker could prevent a node from seeing a specific...
Moderate | Unreviewed | CVE-2024-52913 was published Nov 18, 2024

In Bitcoin Core before 0.18.0, a node could be stalled for hours when processing the orphans of a...
High | Unreviewed | CVE-2024-52914 was published Nov 18, 2024

Multiple Cisco products are affected by a vulnerability in the Ethernet Frame Decoder of the...
High | Unreviewed | CVE-2021-1285 was published Nov 18, 2024

Bitcoin-Qt in Bitcoin Core before 0.20.0 allows remote attackers to cause a denial of service ...
Moderate | Unreviewed | CVE-2024-52918 was published Nov 18, 2024

Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service (daemon crash)...
High | Unreviewed | CVE-2019-25220 was published Nov 18, 2024

Bitcoin Core before 0.15.0 allows a denial of service (OOM kill of a daemon process) via a flood...
High | Unreviewed | CVE-2024-52916 was published Nov 18, 2024

Bitcoin Core before 0.20.0 allows remote attackers to cause a denial of service (infinite loop)...
High | Unreviewed | CVE-2024-52920 was published Nov 18, 2024

A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.254), Parasolid V36...
Moderate | Unreviewed | CVE-2024-26276 was published Apr 9, 2024

In lunary-ai/lunary version 1.2.7, there is a lack of rate limiting on the forgot password page,...
High | Unreviewed | CVE-2024-3760 was published Nov 14, 2024

In validate of WifiConfigurationUtil.java, there is a possible persistent denial of service due...
Moderate | Unreviewed | CVE-2024-43083 was published Nov 13, 2024

A vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch...
High | Unreviewed | CVE-2024-48989 was published Nov 13, 2024

The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation...
Moderate | Unreviewed | CVE-2024-31152 was published Oct 30, 2024

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of...
Moderate | Unreviewed | CVE-2024-21994 was published Nov 8, 2024

An issue in Espressif Esp idf v5.3.0 allows attackers to cause a Denial of Service (DoS) via a...
High | Unreviewed | CVE-2024-51428 was published Nov 7, 2024

This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API...
High | Unreviewed | CVE-2024-51557 was published Nov 4, 2024

Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API alwaysmulti.cgi...
Moderate | Unreviewed | CVE-2024-6509 was published Sep 10, 2024

When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly...
Moderate | Unreviewed | CVE-2023-45290 was published Mar 6, 2024

A security vulnerability in HPE IceWall Agent products could be exploited remotely to cause a...
Moderate | Unreviewed | CVE-2024-22436 was published Mar 26, 2024

In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ss - Fix...
Moderate | Unreviewed | CVE-2021-47057 was published Mar 1, 2024

ProTip! Advisories are also available from the GraphQL API.