GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,370
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,749
Maven 4,978
npm 3,509
NuGet 609
pip 3,084
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,298

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

323 advisories

Filter by severity

Sort by

Least recently updated

** DISPUTED ** On Coldcard MK1 and MK2 devices, a side channel for the row-based OLED display was... Moderate Unreviewed

CVE-2019-14356 was published May 24, 2022

Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames via a series of /auth... Moderate Unreviewed

CVE-2020-25200 was published May 24, 2022

A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as... Moderate Unreviewed

CVE-2023-5992 was published Jan 31, 2024

Proxmox VE prior to 3.2: 'AccessControl.pm' User Enumeration Vulnerability Moderate Unreviewed

CVE-2014-4156 was published May 17, 2022

HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts... Moderate Unreviewed

CVE-2019-12743 was published May 24, 2022

The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are... Moderate Unreviewed

CVE-2019-13377 was published May 24, 2022

In situations where an attacker receives automated notification of the success or failure of a... Moderate Unreviewed

CVE-2019-1563 was published May 24, 2022

Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 routers have a JUCI ACL misconfiguration that... Moderate Unreviewed

CVE-2019-13140 was published May 24, 2022

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through... Moderate Unreviewed

CVE-2019-3740 was published May 24, 2022

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing... Moderate Unreviewed

CVE-2019-3739 was published May 24, 2022

It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library.... Moderate Unreviewed

CVE-2019-13627 was published May 24, 2022

Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the... Moderate Unreviewed

CVE-2019-15809 was published May 24, 2022

On Archos Safe-T devices, a side channel for the row-based OLED display was found. The power... Moderate Unreviewed

CVE-2019-14358 was published May 24, 2022

The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to... Moderate Unreviewed

CVE-2015-0837 was published May 24, 2022

GnuTLS incorrectly validates the first byte of padding in CBC modes Moderate Unreviewed

CVE-2015-8313 was published May 24, 2022

LabVantage LIMS 8.3 does not properly maintain the confidentiality of database names. For example... Moderate Unreviewed

CVE-2020-7959 was published May 24, 2022

The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular... Moderate Unreviewed

CVE-2020-11735 was published May 24, 2022

Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to learn the values of internal... Moderate Unreviewed

CVE-2021-31866 was published May 24, 2022

A username enumeration issue was discovered in Medicine Tracker System 1.0. The login... Moderate Unreviewed

CVE-2023-30458 was published Apr 24, 2023

The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be... Moderate Unreviewed

CVE-2022-40482 was published Apr 25, 2023

Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215,... Moderate Unreviewed

CVE-2023-23449 was published May 15, 2023

When supplied with a random MAC address, Snap One OvrC cloud servers will return... Moderate Unreviewed

CVE-2023-28412 was published May 22, 2023

AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use... Moderate Unreviewed

CVE-2023-34344 was published Jun 12, 2023

The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a... Moderate Unreviewed

CVE-2023-3139 was published Jul 4, 2023

TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability.... Moderate Unreviewed

CVE-2023-3336 was published Jul 5, 2023

Previous 1 2 … 9 10 11 12 13 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

323 advisories