Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

79 advisories

Loading
In multiple functions of ConnectivityService.java, there is a possible way for a Wi-Fi AP to... High Unreviewed
CVE-2024-49734 was published Jan 22, 2025
In multiple locations, there is a possible way to obtain any system permission due to a logic... High Unreviewed
CVE-2024-43095 was published Jan 22, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... High Unreviewed
CVE-2025-21510 was published Jan 21, 2025
An access control issue in the component /juis_boxinfo.xml of AVM FRITZ!Box 7530 AX v7.59 allows... High Unreviewed
CVE-2024-54767 was published Jan 7, 2025
In the LG LAF component, there is a special command that allowed modification of certain... High Unreviewed
CVE-2018-9364 was published Nov 19, 2024
Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may... High Unreviewed
CVE-2024-28885 was published Nov 13, 2024
An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2024-40490 was published Nov 1, 2024
mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack... High Unreviewed
CVE-2024-7010 was published Oct 29, 2024
Video frames could have been leaked between origins in some situations. This vulnerability... High Unreviewed
CVE-2024-10463 was published Oct 29, 2024
Observable timing discrepancy issue exists in IPCOM EX2 Series V01L02NF0001 to V01L06NF0401,... High Unreviewed
CVE-2024-39921 was published Sep 4, 2024
Mattermost versions 9.8.x <= 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5, when... High Unreviewed
CVE-2024-39830 was published Jul 3, 2024
The Kyber reference implementation before 9b8d306, when compiled by LLVM Clang through 18.x with... High Unreviewed
CVE-2024-37880 was published Jun 10, 2024
A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically... High Unreviewed
CVE-2024-5124 was published Jun 6, 2024
Windows DNS Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-26221 was published Apr 9, 2024
A potential security vulnerability has been reported in the system BIOS of certain HP PC products... High Unreviewed
CVE-2023-5410 was published Mar 12, 2024
An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response... High Unreviewed
CVE-2022-45177 was published Feb 21, 2024
Apache Pulsar SASL Authentication Provider observable timing discrepancy vulnerability High
CVE-2023-51437 was published for org.apache.pulsar:pulsar-broker-auth-sasl (Maven) Feb 7, 2024
Python Cryptography package vulnerable to Bleichenbacher timing oracle attack High
CVE-2023-50782 was published for cryptography (pip) Feb 5, 2024
A security vulnerability has been identified in the pkcs11-provider, which is associated with... High Unreviewed
CVE-2023-6258 was published Jan 30, 2024
Minerva timing attack on P-256 in python-ecdsa High
CVE-2024-23342 was published for ecdsa (pip) Jan 22, 2024
tomato42
Marvin Attack of RSA and RSAOAEP decryption in jsrsasign High
CVE-2024-21484 was published for jsrsasign (npm) Jan 19, 2024
tomato42
PyCryptodome and pycryptodomex side-channel leakage for OAEP decryption High
CVE-2023-52323 was published for pycryptodome (pip) Jan 5, 2024
CubeFS timing attack can leak user passwords High
CVE-2023-46739 was published for github.com/cubefs/cubefs (Go) Jan 3, 2024
AdamKorcz
Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant... High Unreviewed
CVE-2023-45287 was published Dec 5, 2023
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK... High Unreviewed
CVE-2023-5981 was published Nov 28, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database