Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

506 advisories

Loading
Potential floating point value injection in all supported CPU products, in conjunction with... Moderate Unreviewed
CVE-2021-26314 was published May 24, 2022
Potential speculative code store bypass in all supported CPU products, in conjunction with... Moderate Unreviewed
CVE-2021-26313 was published May 24, 2022
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to... Low Unreviewed
CVE-2020-24512 was published May 24, 2022
Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized... Moderate Unreviewed
CVE-2021-0001 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Brand Verification Tool before version 11... Moderate Unreviewed
CVE-2021-0086 was published May 24, 2022
Observable response discrepancy in some Intel(R) Processors may allow an authorized user to... Moderate Unreviewed
CVE-2021-0089 was published May 24, 2022
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks... High Unreviewed
CVE-2021-33560 was published May 24, 2022
An information disclosure vulnerability exists in the Rocket.Chat server fixed v3.13, v3.12.2 &... High Unreviewed
CVE-2021-22892 was published May 24, 2022
Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against... Moderate Unreviewed
CVE-2020-27211 was published May 24, 2022
IBM Security Identity Manager 7.0.2 could allow a remote user to enumerate usernames due to a... Moderate Unreviewed
CVE-2021-29687 was published May 24, 2022
An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR... Moderate Unreviewed
CVE-2021-27342 was published May 24, 2022
A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker... Moderate Unreviewed
CVE-2021-1486 was published May 24, 2022
Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to learn the values of internal... Moderate Unreviewed
CVE-2021-31866 was published May 24, 2022
When binding against a DN during authentication, the reply from 389-ds-base will be different... Moderate Unreviewed
CVE-2020-35518 was published May 24, 2022
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs... Moderate Unreviewed
CVE-2020-27170 was published May 24, 2022
Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a... Moderate Unreviewed
CVE-2021-21181 was published May 24, 2022
Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72... Moderate Unreviewed
CVE-2021-21173 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can discover whether a... Moderate Unreviewed
CVE-2021-27583 was published May 24, 2022
A username enumeration issue was discovered in SquaredUp before version 4.6.0. The login... Moderate Unreviewed
CVE-2020-9389 was published May 24, 2022
A flaw was found in all released versions of m2crypto, where they are vulnerable to... Moderate Unreviewed
CVE-2020-25657 was published May 24, 2022
An email address enumeration vulnerability exists in the password reset function of Rocket.Chat... Moderate Unreviewed
CVE-2020-28208 was published May 24, 2022
An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security... Moderate Unreviewed
CVE-2021-3011 was published May 24, 2022
An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1. The non-admin... Moderate Unreviewed
CVE-2020-35624 was published May 24, 2022
An issue was discovered in MediaWiki before 1.35.1. Missing users (accounts that don't exist) and... Moderate Unreviewed
CVE-2020-35480 was published May 24, 2022
An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any... Low Unreviewed
CVE-2020-29480 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database