GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,730
Composer 5,030
Erlang 39
GitHub Actions 38
Go 2,670
Maven 6,116
npm 4,296
NuGet 760
pip 4,075
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 277,898

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

513 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The server previously verified the TLS 1.3 PSK binder using a non-constant time method which... Low Unreviewed

CVE-2025-11932 was published Nov 22, 2025

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels... Low Unreviewed

CVE-2025-12888 was published Nov 22, 2025

IBM Aspera 5.0.0 through 5.0.13.1 could disclose sensitive user information from the system to... Moderate Unreviewed

CVE-2025-36225 was published Oct 9, 2025

Improper handling of authentication requests lead to a user enumeration vector in the passkey... Moderate Unreviewed

CVE-2025-54477 was published Sep 30, 2025

Description: VMware NSX contains a username enumeration vulnerability. An unauthenticated... High Unreviewed

CVE-2025-41252 was published Sep 29, 2025

Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote... Critical Unreviewed

CVE-2025-10890 was published Sep 24, 2025

Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc.... Moderate Unreviewed

CVE-2025-9031 was published Sep 24, 2025

In multiple locations, there is a possible way to access data displayed on the screen due to side... Moderate Unreviewed

CVE-2025-48561 was published Sep 4, 2025

A security flaw has been discovered in Portabilis i-Diario up to 1.5.0. Affected by this... Moderate Unreviewed

CVE-2025-9109 was published Aug 18, 2025

A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic.... Low Unreviewed

CVE-2025-8774 was published Aug 9, 2025

The public-facing product registration endpoint server responds differently depending on whether... Moderate Unreviewed

CVE-2025-47872 was published Aug 8, 2025

A vulnerability in the External Interface of OTRS allows conclusions to be drawn about the... Moderate Unreviewed

CVE-2025-24391 was published Jul 14, 2025

An issue was discovered in eGroupWare 17.1.20190111. A User Enumeration vulnerability exists... Moderate Unreviewed

CVE-2023-38327 was published Jul 11, 2025

Timing difference in password reset in Ergon Informatik AG's Airlock IAM 7.7.9, 8.0.8, 8.1.7, 8.2... Moderate Unreviewed

CVE-2025-6056 was published Jul 4, 2025

A padding oracle vulnerability exists in Google Chrome’s AppBound cookie encryption mechanism due... High Unreviewed

CVE-2025-34091 was published Jul 2, 2025

user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a... High Unreviewed

CVE-2025-40732 was published Jun 30, 2025

A minor information leak when running Screen with setuid-root privileges allosw unprivileged... Low Unreviewed

CVE-2025-46804 was published May 26, 2025

CWE-203: Observable Discrepancy Moderate Unreviewed

CVE-2025-23182 was published May 22, 2025

Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX... Moderate Unreviewed

CVE-2025-3939 was published May 22, 2025

Due to improper authentication mechanism an unauthenticated remote attacker can enumerate valid... Moderate Unreviewed

CVE-2021-47664 was published Apr 24, 2025

Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an... Moderate Unreviewed

CVE-2024-11084 was published Apr 15, 2025

During an annual penetration test conducted on behalf of Axis Communications, Truesec discovered... Moderate Unreviewed

CVE-2025-0361 was published Apr 8, 2025

IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive... Moderate Unreviewed

CVE-2024-51477 was published Mar 29, 2025

String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow... High Unreviewed

CVE-2024-13939 was published Mar 28, 2025

An issue was discovered in OpenSlides before 4.2.5. During login at the /system/auth/login/... Moderate Unreviewed

CVE-2025-30344 was published Mar 21, 2025

Previous1…21 Next

Previous 1 2 3 4 5 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

513 advisories