GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,413

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

299 advisories

Filter by severity

Sort by

Least recently updated

Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72... Moderate Unreviewed

CVE-2021-21173 was published May 24, 2022

** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can discover whether a... Moderate Unreviewed

CVE-2021-27583 was published May 24, 2022

A username enumeration issue was discovered in SquaredUp before version 4.6.0. The login... Moderate Unreviewed

CVE-2020-9389 was published May 24, 2022

A flaw was found in all released versions of m2crypto, where they are vulnerable to... Moderate Unreviewed

CVE-2020-25657 was published May 24, 2022

An email address enumeration vulnerability exists in the password reset function of Rocket.Chat... Moderate Unreviewed

CVE-2020-28208 was published May 24, 2022

An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security... Moderate Unreviewed

CVE-2021-3011 was published May 24, 2022

An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1. The non-admin... Moderate Unreviewed

CVE-2020-35624 was published May 24, 2022

An issue was discovered in MediaWiki before 1.35.1. Missing users (accounts that don't exist) and... Moderate Unreviewed

CVE-2020-35480 was published May 24, 2022

In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure.... Moderate Unreviewed

CVE-2020-0464 was published May 24, 2022

Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES... Moderate Unreviewed

CVE-2020-28368 was published May 24, 2022

A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to... Moderate Unreviewed

CVE-2020-12912 was published May 24, 2022

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco... Moderate Unreviewed

CVE-2020-3585 was published May 24, 2022

When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series... Moderate Unreviewed

CVE-2020-1685 was published May 24, 2022

SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management... Moderate Unreviewed

CVE-2020-5143 was published May 24, 2022

During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time... Moderate Unreviewed

CVE-2020-12401 was published May 24, 2022

When converting coordinates from projective to affine, the modular inversion was not performed in... Moderate Unreviewed

CVE-2020-12400 was published May 24, 2022

Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames via a series of /auth... Moderate Unreviewed

CVE-2020-25200 was published May 24, 2022

A timing side channel was discovered in AT91bootstrap before 3.9.2. It can be exploited by... Moderate Unreviewed

CVE-2020-11683 was published May 24, 2022

The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being... Moderate Unreviewed

CVE-2020-1968 was published May 24, 2022

Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed... Moderate Unreviewed

CVE-2020-6531 was published May 24, 2022

During RSA key generation, bignum implementations used a variation of the Binary Extended... Moderate Unreviewed

CVE-2020-12402 was published May 24, 2022

NSS has shown timing differences when performing DSA signatures, which was exploitable and could... Moderate Unreviewed

CVE-2020-12399 was published May 24, 2022

PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the... Moderate Unreviewed

CVE-2020-14002 was published May 24, 2022

The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an... Moderate Unreviewed

CVE-2020-14145 was published May 24, 2022

The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular... Moderate Unreviewed

CVE-2020-11735 was published May 24, 2022

Previous 1 2 … 6 7 8 9 10 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

299 advisories