GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
38 advisories
Filter by severity
Observable timing discrepancy issue exists in IPCOM EX2 Series V01L02NF0001 to V01L06NF0401,...
High
Unreviewed
CVE-2024-39921
was published
Sep 4, 2024
An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response...
High
Unreviewed
CVE-2022-45177
was published
Feb 21, 2024
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK...
High
Unreviewed
CVE-2023-5981
was published
Nov 28, 2023
Mattermost versions 9.8.x <= 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5, when...
High
Unreviewed
CVE-2024-39830
was published
Jul 3, 2024
The Kyber reference implementation before 9b8d306, when compiled by LLVM Clang through 18.x with...
High
Unreviewed
CVE-2024-37880
was published
Jun 10, 2024
User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. This issue occurs during...
High
Unreviewed
CVE-2023-36127
was published
Oct 11, 2023
IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a...
High
Unreviewed
CVE-2023-33850
was published
Aug 22, 2023
The Change WP Admin Login WordPress plugin before 1.1.4 discloses the URL of the hidden login...
High
Unreviewed
CVE-2023-3604
was published
Aug 21, 2023
A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping...
High
Unreviewed
CVE-2023-3640
was published
Jul 24, 2023
IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based...
High
Unreviewed
CVE-2023-32342
was published
May 31, 2023
A security vulnerability has been identified in the pkcs11-provider, which is associated with...
High
Unreviewed
CVE-2023-6258
was published
Jan 30, 2024
NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated...
High
Unreviewed
CVE-2023-25529
was published
Sep 20, 2023
Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant...
High
Unreviewed
CVE-2023-45287
was published
Dec 5, 2023
In Slice, there is a possible disclosure of installed applications due to side channel...
High
Unreviewed
CVE-2023-21298
was published
Oct 30, 2023
In InputMethod, there is a possible way to determine whether an app is installed, without query...
High
Unreviewed
CVE-2023-21337
was published
Oct 30, 2023
In Package Installer, there is a possible way to determine whether an app is installed, without...
High
Unreviewed
CVE-2023-21324
was published
Oct 30, 2023
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS....
High
Unreviewed
CVE-2023-0361
was published
Feb 15, 2023
The Clerk WordPress plugin before 4.0.0 is affected by time-based attacks in the validation...
High
Unreviewed
CVE-2022-3907
was published
Dec 5, 2022
An issue was discovered in MCUBO ICT through 10.12.4 (aka 6.0.2). An Observable Response...
High
Unreviewed
CVE-2023-26071
was published
Mar 28, 2023
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS...
High
Unreviewed
CVE-2021-42016
was published
Mar 9, 2022
A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected...
High
Unreviewed
CVE-2013-10006
was published
Jan 1, 2023
In BIG-IP 11.5.1-11.5.8 and 11.6.1-11.6.3, the Configuration Utility login page may not follow...
High
Unreviewed
CVE-2019-6602
was published
May 13, 2022
Teclib GLPI before 9.4.1.1 is affected by a timing attack associated with a cookie.
High
Unreviewed
CVE-2019-10233
was published
May 13, 2022
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys...
High
Unreviewed
CVE-2016-6489
was published
May 13, 2022
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2),...
High
Unreviewed
CVE-2017-6168
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API