GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,882
Composer 4,870
Erlang 37
GitHub Actions 36
Go 2,500
Maven 5,938
npm 4,145
NuGet 735
pip 3,947
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,470

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

613 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

When binding against a DN during authentication, the reply from 389-ds-base will be different... Moderate Unreviewed

CVE-2020-35518 was published May 24, 2022

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs... Moderate Unreviewed

CVE-2020-27170 was published May 24, 2022

Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a... Moderate Unreviewed

CVE-2021-21181 was published May 24, 2022

Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72... Moderate Unreviewed

CVE-2021-21173 was published May 24, 2022

** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can discover whether a... Moderate Unreviewed

CVE-2021-27583 was published May 24, 2022

A username enumeration issue was discovered in SquaredUp before version 4.6.0. The login... Moderate Unreviewed

CVE-2020-9389 was published May 24, 2022

A flaw was found in all released versions of m2crypto, where they are vulnerable to... Moderate Unreviewed

CVE-2020-25657 was published May 24, 2022

An email address enumeration vulnerability exists in the password reset function of Rocket.Chat... Moderate Unreviewed

CVE-2020-28208 was published May 24, 2022

An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security... Moderate Unreviewed

CVE-2021-3011 was published May 24, 2022

An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1. The non-admin... Moderate Unreviewed

CVE-2020-35624 was published May 24, 2022

An issue was discovered in MediaWiki before 1.35.1. Missing users (accounts that don't exist) and... Moderate Unreviewed

CVE-2020-35480 was published May 24, 2022

An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any... Low Unreviewed

CVE-2020-29480 was published May 24, 2022

In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure.... Moderate Unreviewed

CVE-2020-0464 was published May 24, 2022

Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES... Moderate Unreviewed

CVE-2020-28368 was published May 24, 2022

A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to... Moderate Unreviewed

CVE-2020-12912 was published May 24, 2022

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco... Moderate Unreviewed

CVE-2020-3585 was published May 24, 2022

When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series... Moderate Unreviewed

CVE-2020-1685 was published May 24, 2022

SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management... Moderate Unreviewed

CVE-2020-5143 was published May 24, 2022

During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time... Moderate Unreviewed

CVE-2020-12401 was published May 24, 2022

When converting coordinates from projective to affine, the modular inversion was not performed in... Moderate Unreviewed

CVE-2020-12400 was published May 24, 2022

Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames via a series of /auth... Moderate Unreviewed

CVE-2020-25200 was published May 24, 2022

A timing side channel was discovered in AT91bootstrap before 3.9.2. It can be exploited by... Moderate Unreviewed

CVE-2020-11683 was published May 24, 2022

The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being... Moderate Unreviewed

CVE-2020-1968 was published May 24, 2022

A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted... Low Unreviewed

CVE-2020-16150 was published May 24, 2022

An information disclosure vulnerability exists on ARM implementations that use speculative... Low Unreviewed

CVE-2020-1459 was published May 24, 2022

Previous 1…17…25 Next

Previous 1 2 … 15 16 17 18 19 … 24 25 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

613 advisories