GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20 advisories
Filter by severity
GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp...
Unknown
Unreviewed
CVE-2024-56738
was published
Dec 29, 2024
IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to...
Moderate
Unreviewed
CVE-2024-41741
was published
Nov 1, 2024
Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1...
High
Unreviewed
CVE-2024-31074
was published
Nov 13, 2024
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may...
Moderate
Unreviewed
CVE-2024-2236
was published
Mar 7, 2024
The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against...
Moderate
Unreviewed
CVE-2024-1543
was published
Aug 30, 2024
An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. The AES implementation is...
Critical
Unreviewed
CVE-2024-45191
was published
Aug 22, 2024
Windows Kerberos Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-29995
was published
Aug 13, 2024
The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks....
Critical
Unreviewed
CVE-2023-41313
was published
Mar 12, 2024
In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time
Low
Unreviewed
CVE-2024-41828
was published
Jul 22, 2024
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite,...
Moderate
Unreviewed
CVE-2020-35165
was published
May 22, 2024
The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM,...
Moderate
Unreviewed
CVE-2022-25332
was published
Oct 19, 2023
Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy...
Moderate
Unreviewed
CVE-2021-21575
was published
Feb 2, 2024
A security vulnerability has been identified in the cryptlib cryptographic library when cryptlib...
Moderate
Unreviewed
CVE-2024-0202
was published
Feb 5, 2024
NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated...
High
Unreviewed
CVE-2023-25529
was published
Sep 20, 2023
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM...
Moderate
Unreviewed
CVE-2023-41097
was published
Dec 21, 2023
Potential floating point value injection in all supported CPU products, in conjunction with...
Moderate
Unreviewed
CVE-2021-26314
was published
May 24, 2022
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS...
High
Unreviewed
CVE-2021-42016
was published
Mar 9, 2022
A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected...
High
Unreviewed
CVE-2013-10006
was published
Jan 1, 2023
A vulnerability, which was classified as problematic, was found in InSTEDD Nuntium. Affected is...
Moderate
Unreviewed
CVE-2022-4823
was published
Dec 28, 2022
A vulnerability was found in Pylons horus and classified as problematic. Affected by this issue...
Moderate
Unreviewed
CVE-2014-125056
was published
Jan 7, 2023
ProTip!
Advisories are also available from the
GraphQL API