GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
18 advisories
Filter by severity
Observable Timing Discrepancy in aaugustin websockets library
High
CVE-2021-33880
was published
for
websockets
(pip)
Jun 11, 2021
Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1...
High
Unreviewed
CVE-2024-31074
was published
Nov 13, 2024
basic-auth-connect's callback uses time unsafe string comparison
High
CVE-2024-47178
was published
for
basic-auth-connect
(npm)
Sep 30, 2024
Mailman Core vulnerable to timing attacks
High
CVE-2021-34337
was published
for
mailman
(pip)
Apr 15, 2023
Windows Kerberos Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-29995
was published
Aug 13, 2024
Python Cryptography package vulnerable to Bleichenbacher timing oracle attack
High
CVE-2023-50782
was published
for
cryptography
(pip)
Feb 5, 2024
Symfony Vulnerable to Timing Attack
High
CVE-2015-8125
was published
for
symfony/form
(Composer)
May 17, 2022
NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated...
High
Unreviewed
CVE-2023-25529
was published
Sep 20, 2023
Minerva timing attack on P-256 in python-ecdsa
High
CVE-2024-23342
was published
for
ecdsa
(pip)
Jan 22, 2024
generator-jhipster allows a timing attack against validateToken due to a string comparison that stops at the first character
High
CVE-2015-20110
was published
for
generator-jhipster
(npm)
Oct 31, 2023
Observable timing discrepancy in JOpenId
High
CVE-2010-10006
was published
for
org.expressme:JOpenId
(Maven)
Jan 18, 2023
Atlantis Events vulnerable to Timing Attack
High
CVE-2022-24912
was published
for
github.com/runatlantis/atlantis
(Go)
Jul 30, 2022
libsecp256k1 contains side-channel timing attack
High
CVE-2019-25003
was published
for
libsecp256k1
(Rust)
Aug 25, 2021
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS...
High
Unreviewed
CVE-2021-42016
was published
Mar 9, 2022
A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected...
High
Unreviewed
CVE-2013-10006
was published
Jan 1, 2023
fastify-bearer-auth vulnerable to Timing Attack Vector
High
CVE-2022-31142
was published
for
@fastify/bearer-auth
(npm)
Jul 15, 2022
Wildfly-elytron possibly vulnerable to timing attacks via use of unsafe comparator
High
CVE-2022-3143
was published
for
org.wildfly.security:wildfly-elytron
(Maven)
Jan 13, 2023
ProTip!
Advisories are also available from the
GraphQL API