GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,413

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

299 advisories

Filter by severity

Sort by

Least recently updated

The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are... Moderate Unreviewed

CVE-2019-13377 was published May 24, 2022

Search Guard versions before 21.0 had an timing side channel issue when using the internal user... Moderate Unreviewed

CVE-2019-13420 was published May 24, 2022

HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts... Moderate Unreviewed

CVE-2019-12743 was published May 24, 2022

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers... Moderate Unreviewed

CVE-2019-13383 was published May 24, 2022

Tor Browser before 8.0.1 has an information exposure vulnerability. It allows remote attackers to... Moderate Unreviewed

CVE-2019-12383 was published May 24, 2022

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ... Moderate Unreviewed

CVE-2022-24043 was published May 21, 2022

Proxmox VE prior to 3.2: 'AccessControl.pm' User Enumeration Vulnerability Moderate Unreviewed

CVE-2014-4156 was published May 17, 2022

The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider... Moderate Unreviewed

CVE-2013-1620 was published May 14, 2022

A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1... Moderate Unreviewed

CVE-2018-9194 was published May 13, 2022

A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1... Moderate Unreviewed

CVE-2018-9192 was published May 13, 2022

WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login... Moderate Unreviewed

CVE-2017-8055 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before... Moderate Unreviewed

CVE-2017-7006 was published May 13, 2022

Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an... Moderate Unreviewed

CVE-2017-17427 was published May 13, 2022

The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA... Moderate Unreviewed

CVE-2017-1000385 was published May 13, 2022

A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505,... Moderate Unreviewed

CVE-2017-12373 was published May 13, 2022

wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite... Moderate Unreviewed

CVE-2017-13099 was published May 13, 2022

Systems with microprocessors utilizing speculative execution and that perform speculative reads... Moderate Unreviewed

CVE-2018-3640 was published May 13, 2022

Systems with microprocessors utilizing speculative execution and address translations may allow... Moderate Unreviewed

CVE-2018-3620 was published May 13, 2022

Systems with microprocessors utilizing speculative execution and Intel software guard extensions ... Moderate Unreviewed

CVE-2018-3615 was published May 13, 2022

mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows... Moderate Unreviewed

CVE-2018-10949 was published May 13, 2022

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA... Moderate Unreviewed

CVE-2018-0495 was published May 13, 2022

A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an... Moderate Unreviewed

CVE-2018-0134 was published May 13, 2022

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software... Moderate Unreviewed

CVE-2018-5407 was published May 13, 2022

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls... Moderate Unreviewed

CVE-2018-16868 was published May 13, 2022

A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle... Moderate Unreviewed

CVE-2018-16869 was published May 13, 2022

Previous 1 2 … 8 9 10 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

299 advisories