GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
323 advisories
** DISPUTED ** On Coldcard MK1 and MK2 devices, a side channel for the row-based OLED display was...
Moderate, Unreviewed. CVE-2019-14356 was published May 24, 2022
Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames via a series of /auth...
Moderate, Unreviewed. CVE-2020-25200 was published May 24, 2022
A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as...
Moderate, Unreviewed. CVE-2023-5992 was published Jan 31, 2024
Proxmox VE prior to 3.2: 'AccessControl.pm' User Enumeration Vulnerability
Moderate, Unreviewed. CVE-2014-4156 was published May 17, 2022
HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts...
Moderate, Unreviewed. CVE-2019-12743 was published May 24, 2022
The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are...
Moderate, Unreviewed. CVE-2019-13377 was published May 24, 2022
In situations where an attacker receives automated notification of the success or failure of a...
Moderate, Unreviewed. CVE-2019-1563 was published May 24, 2022
Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 routers have a JUCI ACL misconfiguration that...
Moderate, Unreviewed. CVE-2019-13140 was published May 24, 2022
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through...
Moderate, Unreviewed. CVE-2019-3740 was published May 24, 2022
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing...
Moderate, Unreviewed. CVE-2019-3739 was published May 24, 2022
It was discovered that there was an ECDSA timing attack in the libgcrypt20 cryptographic library....
Moderate, Unreviewed. CVE-2019-13627 was published May 24, 2022
Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the...
Moderate, Unreviewed. CVE-2019-15809 was published May 24, 2022
On Archos Safe-T devices, a side channel for the row-based OLED display was found. The power...
Moderate, Unreviewed. CVE-2019-14358 was published May 24, 2022
The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to...
Moderate, Unreviewed. CVE-2015-0837 was published May 24, 2022
GnuTLS incorrectly validates the first byte of padding in CBC modes
Moderate, Unreviewed. CVE-2015-8313 was published May 24, 2022
LabVantage LIMS 8.3 does not properly maintain the confidentiality of database names. For example...
Moderate, Unreviewed. CVE-2020-7959 was published May 24, 2022
The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular...
Moderate, Unreviewed. CVE-2020-11735 was published May 24, 2022
Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to learn the values of internal...
Moderate, Unreviewed. CVE-2021-31866 was published May 24, 2022
A username enumeration issue was discovered in Medicine Tracker System 1.0. The login...
Moderate, Unreviewed. CVE-2023-30458 was published Apr 24, 2023
The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be...
Moderate, Unreviewed. CVE-2022-40482 was published Apr 25, 2023
Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215,...
Moderate, Unreviewed. CVE-2023-23449 was published May 15, 2023
When supplied with a random MAC address, Snap One OvrC cloud servers will return...
Moderate, Unreviewed. CVE-2023-28412 was published May 22, 2023
AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use...
Moderate, Unreviewed. CVE-2023-34344 was published Jun 12, 2023
The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a...
Moderate, Unreviewed. CVE-2023-3139 was published Jul 4, 2023
TN-5900 Series version 3.3 and prior versions is vulnerable to user enumeration vulnerability....
Moderate, Unreviewed. CVE-2023-3336 was published Jul 5, 2023
ProTip! Advisories are also available from the GraphQL API