GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
519 advisories
Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into...
Low | Unreviewed | CVE-2025-13912 was published Dec 11, 2025

SpinetiX Fusion Digital Signage 3.4.8 contains a username enumeration vulnerability in its login...
Moderate | Unreviewed | CVE-2020-36888 was published Dec 10, 2025

The server previously verified the TLS 1.3 PSK binder using a non-constant time method which...
Low | Unreviewed | CVE-2025-11932 was published Nov 22, 2025

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels...
Low | Unreviewed | CVE-2025-12888 was published Nov 22, 2025

Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks...
High | Unreviewed | CVE-2021-33560 was published May 24, 2022

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated...
Moderate | Unreviewed | CVE-2025-39665 was published Dec 3, 2025

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a...
High | Unreviewed | CVE-2025-59702 was published Dec 2, 2025

Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft...
Moderate | Unreviewed | CVE-2019-11743 was published May 24, 2022

An issue in Austrian Academy of Sciences (AW) Austrian Archaeological Institute OpenAtlas v.8.12...
Moderate | Unreviewed | CVE-2025-56423 was published Nov 24, 2025

In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g.,...
Moderate | Unreviewed | CVE-2021-33624 was published May 24, 2022

A timing side-channel issue was addressed with improvements to constant-time computation in...
Moderate | Unreviewed | CVE-2024-23218 was published Jan 23, 2024

The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting...
Moderate | Unreviewed | CVE-2023-4421 was published Dec 12, 2023

NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack...
Moderate | Unreviewed | CVE-2023-5388 was published Mar 19, 2024

An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing...
Moderate | Unreviewed | CVE-2024-23170 was published Jan 31, 2024

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK...
High | Unreviewed | CVE-2023-5981 was published Nov 28, 2023

TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for...
High | Unreviewed | CVE-2022-4499 was published Jan 11, 2023

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS...
Moderate | Unreviewed | CVE-2024-54476 was published Dec 12, 2024

Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are...
Low | Unreviewed | CVE-2024-21210 was published Oct 15, 2024

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low | Unreviewed | CVE-2024-21208 was published Oct 15, 2024

Video frames could have been leaked between origins in some situations. This vulnerability...
High | Unreviewed | CVE-2024-10463 was published Oct 29, 2024

In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of...
Moderate | Unreviewed | CVE-2024-47678 was published Oct 21, 2024

Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user...
Moderate | Unreviewed | CVE-2024-23984 was published Sep 16, 2024

A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as...
Moderate | Unreviewed | CVE-2023-5992 was published Jan 31, 2024

IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a...
High | Unreviewed | CVE-2023-33850 was published Aug 22, 2023

This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
Critical | Unreviewed | CVE-2025-24146 was published Jan 28, 2025