GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,587
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,988
Maven 5,170
npm 3,704
NuGet 661
pip 3,332
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,200

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

45 advisories

Filter by severity

Sort by

Least recently updated

Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may... High Unreviewed

CVE-2024-28885 was published Nov 13, 2024

An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information... High Unreviewed

CVE-2024-40490 was published Nov 1, 2024

mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack... High Unreviewed

CVE-2024-7010 was published Oct 29, 2024

Video frames could have been leaked between origins in some situations. This vulnerability... High Unreviewed

CVE-2024-10463 was published Oct 29, 2024

Observable timing discrepancy issue exists in IPCOM EX2 Series V01L02NF0001 to V01L06NF0401,... High Unreviewed

CVE-2024-39921 was published Sep 4, 2024

Mattermost versions 9.8.x <= 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5, when... High Unreviewed

CVE-2024-39830 was published Jul 3, 2024

The Kyber reference implementation before 9b8d306, when compiled by LLVM Clang through 18.x with... High Unreviewed

CVE-2024-37880 was published Jun 10, 2024

A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically... High Unreviewed

CVE-2024-5124 was published Jun 6, 2024

A potential security vulnerability has been reported in the system BIOS of certain HP PC products... High Unreviewed

CVE-2023-5410 was published Mar 12, 2024

An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response... High Unreviewed

CVE-2022-45177 was published Feb 21, 2024

A security vulnerability has been identified in the pkcs11-provider, which is associated with... High Unreviewed

CVE-2023-6258 was published Jan 30, 2024

Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant... High Unreviewed

CVE-2023-45287 was published Dec 5, 2023

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK... High Unreviewed

CVE-2023-5981 was published Nov 28, 2023

In InputMethod, there is a possible way to determine whether an app is installed, without query... High Unreviewed

CVE-2023-21337 was published Oct 30, 2023

In Slice, there is a possible disclosure of installed applications due to side channel... High Unreviewed

CVE-2023-21298 was published Oct 30, 2023

In Package Installer, there is a possible way to determine whether an app is installed, without... High Unreviewed

CVE-2023-21324 was published Oct 30, 2023

User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. This issue occurs during... High Unreviewed

CVE-2023-36127 was published Oct 11, 2023

NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated... High Unreviewed

CVE-2023-25529 was published Sep 20, 2023

IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a... High Unreviewed

CVE-2023-33850 was published Aug 22, 2023

The Change WP Admin Login WordPress plugin before 1.1.4 discloses the URL of the hidden login... High Unreviewed

CVE-2023-3604 was published Aug 21, 2023

A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping... High Unreviewed

CVE-2023-3640 was published Jul 24, 2023

TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem... High Unreviewed

CVE-2023-34669 was published Jul 17, 2023

IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based... High Unreviewed

CVE-2023-32342 was published May 31, 2023

An issue was discovered in MCUBO ICT through 10.12.4 (aka 6.0.2). An Observable Response... High Unreviewed

CVE-2023-26071 was published Mar 28, 2023

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS.... High Unreviewed

CVE-2023-0361 was published Feb 15, 2023

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

45 advisories