GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,904
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,504
Maven 5,949
npm 4,149
NuGet 735
pip 3,949
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,775

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

506 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure.... Moderate Unreviewed

CVE-2020-0464 was published May 24, 2022

Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES... Moderate Unreviewed

CVE-2020-28368 was published May 24, 2022

A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to... Moderate Unreviewed

CVE-2020-12912 was published May 24, 2022

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco... Moderate Unreviewed

CVE-2020-3585 was published May 24, 2022

When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series... Moderate Unreviewed

CVE-2020-1685 was published May 24, 2022

SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management... Moderate Unreviewed

CVE-2020-5143 was published May 24, 2022

During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time... Moderate Unreviewed

CVE-2020-12401 was published May 24, 2022

When converting coordinates from projective to affine, the modular inversion was not performed in... Moderate Unreviewed

CVE-2020-12400 was published May 24, 2022

Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames via a series of /auth... Moderate Unreviewed

CVE-2020-25200 was published May 24, 2022

A timing side channel was discovered in AT91bootstrap before 3.9.2. It can be exploited by... Moderate Unreviewed

CVE-2020-11683 was published May 24, 2022

The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being... Moderate Unreviewed

CVE-2020-1968 was published May 24, 2022

A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted... Low Unreviewed

CVE-2020-16150 was published May 24, 2022

An information disclosure vulnerability exists on ARM implementations that use speculative... Low Unreviewed

CVE-2020-1459 was published May 24, 2022

Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed... Moderate Unreviewed

CVE-2020-6531 was published May 24, 2022

During RSA key generation, bignum implementations used a variation of the Binary Extended... Moderate Unreviewed

CVE-2020-12402 was published May 24, 2022

NSS has shown timing differences when performing DSA signatures, which was exploitable and could... Moderate Unreviewed

CVE-2020-12399 was published May 24, 2022

PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the... Moderate Unreviewed

CVE-2020-14002 was published May 24, 2022

The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an... Moderate Unreviewed

CVE-2020-14145 was published May 24, 2022

The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular... Moderate Unreviewed

CVE-2020-11735 was published May 24, 2022

** VERSION NOT SUPPORTED WHEN ASSIGNED ** Citrix XenApp 6.5, when 2FA is enabled, allows a remote... Moderate Unreviewed

CVE-2020-13998 was published May 24, 2022

Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in... Low Unreviewed

CVE-2020-13844 was published May 24, 2022

An issue was discovered in Aviatrix Controller before 5.4.1204. There is a Observable Response... Moderate Unreviewed

CVE-2020-13413 was published May 24, 2022

wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does not properly resist timing... Moderate Unreviewed

CVE-2020-11713 was published May 24, 2022

An exploitable timing discrepancy vulnerability exists in the authentication functionality of the... Moderate Unreviewed

CVE-2019-5135 was published May 24, 2022

LabVantage LIMS 8.3 does not properly maintain the confidentiality of database names. For example... Moderate Unreviewed

CVE-2020-7959 was published May 24, 2022

Previous 1…15…21 Next

Previous 1 2 … 13 14 15 16 17 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

506 advisories