GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
286 advisories
Filter by severity
Windows Cryptographic Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-43546
was published
Oct 8, 2024
A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as...
Moderate
Unreviewed
CVE-2024-9513
was published
Oct 4, 2024
The goTenna Pro ATAK Plugin has a payload length vulnerability that
makes it possible to tell...
Moderate
Unreviewed
CVE-2024-41715
was published
Sep 26, 2024
The goTenna Pro has a payload length vulnerability that makes it possible to tell the length of...
Moderate
Unreviewed
CVE-2024-47129
was published
Sep 26, 2024
A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that...
Moderate
Unreviewed
CVE-2024-8651
was published
Sep 19, 2024
Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user...
Moderate
Unreviewed
CVE-2024-23984
was published
Sep 16, 2024
User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine...
Moderate
Unreviewed
CVE-2024-34336
was published
Sep 12, 2024
Loway - CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2024-42343
was published
Sep 8, 2024
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware...
Moderate
Unreviewed
CVE-2024-45678
was published
Sep 3, 2024
The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against...
Moderate
Unreviewed
CVE-2024-1543
was published
Aug 30, 2024
Generating the ECDSA nonce k samples a random number r and then
truncates this randomness with a...
Moderate
Unreviewed
CVE-2024-1544
was published
Aug 27, 2024
Matrix Tafnit v8
-
CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2024-38431
was published
Jul 30, 2024
In veilid-core in Veilid before 0.3.4, the protocol's ping function can be misused in a way that...
Moderate
Unreviewed
CVE-2024-41880
was published
Jul 22, 2024
In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an...
Moderate
Unreviewed
CVE-2024-39891
was published
Jul 2, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
Moderate
Unreviewed
CVE-2024-36996
was published
Jul 1, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error...
Moderate
Unreviewed
CVE-2024-38322
was published
Jun 29, 2024
Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the...
Moderate
Unreviewed
CVE-2024-38465
was published
Jun 16, 2024
By monitoring the time certain operations take, an attacker could have guessed which external...
Moderate
Unreviewed
CVE-2024-5690
was published
Jun 11, 2024
IBM i 7.2, 7.3, 7.4, and 7.5 Service Tools Server (SST) is vulnerable to SST user enumeration by...
Moderate
Unreviewed
CVE-2024-31878
was published
Jun 7, 2024
A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be...
Moderate
Unreviewed
CVE-2024-2467
was published
Apr 25, 2024
A timing-based side-channel exists in the rust-openssl package, which could be sufficient to...
Moderate
Unreviewed
CVE-2024-3296
was published
Apr 4, 2024
User enumeration can occur in the Authentication REST API in Delinea PAM Secret Server 11.4. This...
Moderate
Unreviewed
CVE-2024-25651
was published
Mar 14, 2024
User enumeration vulnerability in Liferay Portal 7.2.0 through 7.4.3.26, and older unsupported...
Moderate
Unreviewed
CVE-2024-26268
was published
Feb 20, 2024
wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a...
Moderate
Unreviewed
CVE-2023-6935
was published
Feb 10, 2024
A security vulnerability has been identified in the cryptlib cryptographic library when cryptlib...
Moderate
Unreviewed
CVE-2024-0202
was published
Feb 5, 2024
ProTip!
Advisories are also available from the
GraphQL API