GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
358 advisories
An issue was discovered in Aviatrix Controller before 5.4.1204. There is an Observable Response...
Moderate
Unreviewed
CVE-2020-13413 was published May 24, 2022
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access...
Moderate
Unreviewed
CVE-2022-46392 was published Dec 16, 2022
The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an...
Moderate
Unreviewed
CVE-2020-14145 was published May 24, 2022
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly...
Moderate
Unreviewed
CVE-2016-2178 was published May 13, 2022
NSS has shown timing differences when performing DSA signatures, which was exploitable and could...
Moderate
Unreviewed
CVE-2020-12399 was published May 24, 2022
During RSA key generation, bignum implementations used a variation of the Binary Extended...
Moderate
Unreviewed
CVE-2020-12402 was published May 24, 2022
Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed...
Moderate
Unreviewed
CVE-2020-6531 was published May 24, 2022
SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management...
Moderate
Unreviewed
CVE-2020-5143 was published May 24, 2022
When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series...
Moderate
Unreviewed
CVE-2020-1685 was published May 24, 2022
A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to...
Moderate
Unreviewed
CVE-2020-12912 was published May 24, 2022
A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco...
Moderate
Unreviewed
CVE-2020-3585 was published May 24, 2022
A timing side channel was discovered in AT91bootstrap before 3.9.2. It can be exploited by...
Moderate
Unreviewed
CVE-2020-11683 was published May 24, 2022
In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure....
Moderate
Unreviewed
CVE-2020-0464 was published May 24, 2022
An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1. The non-admin...
Moderate
Unreviewed
CVE-2020-35624 was published May 24, 2022
A username enumeration issue was discovered in SquaredUp before version 4.6.0. The login...
Moderate
Unreviewed
CVE-2020-9389 was published May 24, 2022
An email address enumeration vulnerability exists in the password reset function of Rocket.Chat...
Moderate
Unreviewed
CVE-2020-28208 was published May 24, 2022
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES...
Moderate
Unreviewed
CVE-2020-28368 was published May 24, 2022
An issue was discovered in MediaWiki before 1.35.1. Missing users (accounts that don't exist) and...
Moderate
Unreviewed
CVE-2020-35480 was published May 24, 2022
Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72...
Moderate
Unreviewed
CVE-2021-21173 was published May 24, 2022
An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR...
Moderate
Unreviewed
CVE-2021-27342 was published May 24, 2022
Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against...
Moderate
Unreviewed
CVE-2020-27211 was published May 24, 2022
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider...
Moderate
Unreviewed
CVE-2013-1620 was published May 14, 2022
Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized...
Moderate
Unreviewed
CVE-2021-0001 was published May 24, 2022
IBM Security Identity Manager 7.0.2 could allow a remote user to enumerate usernames due to a...
Moderate
Unreviewed
CVE-2021-29687 was published May 24, 2022
Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a...
Moderate
Unreviewed
CVE-2021-21181 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.