GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
345 advisories
Filter by severity
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
Moderate
Unreviewed
CVE-2024-36996
was published
Jul 1, 2024
In veilid-core in Veilid before 0.3.4, the protocol's ping function can be misused in a way that...
Moderate
Unreviewed
CVE-2024-41880
was published
Jul 22, 2024
** VERSION NOT SUPPORTED WHEN ASSIGNED ** Citrix XenApp 6.5, when 2FA is enabled, allows a remote...
Moderate
Unreviewed
CVE-2020-13998
was published
May 24, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An...
Moderate
Unreviewed
CVE-2022-27221
was published
Jun 15, 2022
A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK...
Moderate
Unreviewed
CVE-2024-0553
was published
Jan 16, 2024
In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an...
Moderate
Unreviewed
CVE-2024-39891
was published
Jul 2, 2024
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the...
Moderate
Unreviewed
CVE-2023-6240
was published
Feb 4, 2024
curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`
Moderate
GHSA-x4gp-pqpj-f43q
was published
for
curve25519-dalek
(Rust)
Jun 18, 2024
In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature...
Moderate
Unreviewed
CVE-2022-30332
was published
Jan 10, 2023
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the...
Moderate
Unreviewed
CVE-2023-20569
was published
Aug 8, 2023
IBM i 7.2, 7.3, 7.4, and 7.5 Service Tools Server (SST) is vulnerable to SST user enumeration by...
Moderate
Unreviewed
CVE-2024-31878
was published
Jun 7, 2024
Mealie1.0.0beta3 is vulnerable to user enumeration via timing response discrepancy between users...
Moderate
Unreviewed
CVE-2022-34623
was published
Aug 20, 2022
PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the...
Moderate
Unreviewed
CVE-2020-14002
was published
May 24, 2022
A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be...
Moderate
Unreviewed
CVE-2024-2467
was published
Apr 25, 2024
A timing side-channel vulnerability has been discovered in the opencryptoki package while...
Moderate
Unreviewed
CVE-2024-0914
was published
Jan 31, 2024
Pagekit User enumeration
Moderate
CVE-2019-16669
was published
for
pagekit/pagekit
(Composer)
May 24, 2022
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-31186
was published
May 30, 2023
A timing-based side-channel exists in the rust-openssl package, which could be sufficient to...
Moderate
Unreviewed
CVE-2024-3296
was published
Apr 4, 2024
A vulnerability has been identified in Mendix Forgot Password (Mendix 10 compatible) (All...
Moderate
Unreviewed
CVE-2023-43623
was published
Oct 10, 2023
PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software...
Moderate
Unreviewed
CVE-2023-44216
was published
Sep 27, 2023
User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this...
Moderate
Unreviewed
CVE-2023-4095
was published
Sep 19, 2023
User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could...
Moderate
Unreviewed
CVE-2023-3221
was published
Sep 4, 2023
A potential power side-channel vulnerability in
AMD processors may allow an authenticated...
Moderate
Unreviewed
CVE-2023-20583
was published
Aug 1, 2023
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-37217
was published
Jul 30, 2023
A potential power side-channel vulnerability in some AMD processors may allow an authenticated...
Moderate
Unreviewed
CVE-2023-20575
was published
Jul 11, 2023
ProTip!
Advisories are also available from the
GraphQL API