Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

506 advisories

Loading
** DISPUTED ** On ShapeShift KeepKey devices, a side channel for the row-based OLED display was... Low Unreviewed
CVE-2019-14355 was published May 24, 2022
HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts... Moderate Unreviewed
CVE-2019-12743 was published May 24, 2022
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous... High Unreviewed
CVE-2019-9815 was published May 24, 2022
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers... Moderate Unreviewed
CVE-2019-13383 was published May 24, 2022
Tor Browser before 8.0.1 has an information exposure vulnerability. It allows remote attackers to... Moderate Unreviewed
CVE-2019-12383 was published May 24, 2022
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ... Moderate Unreviewed
CVE-2022-24043 was published May 21, 2022
Proxmox VE prior to 3.2: 'AccessControl.pm' User Enumeration Vulnerability Moderate Unreviewed
CVE-2014-4156 was published May 17, 2022
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider... Moderate Unreviewed
CVE-2013-1620 was published May 14, 2022
A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1... Moderate Unreviewed
CVE-2018-9194 was published May 13, 2022
A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1... Moderate Unreviewed
CVE-2018-9192 was published May 13, 2022
WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login... Moderate Unreviewed
CVE-2017-8055 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before... Moderate Unreviewed
CVE-2017-7006 was published May 13, 2022
Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an... Moderate Unreviewed
CVE-2017-17427 was published May 13, 2022
The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA... Moderate Unreviewed
CVE-2017-1000385 was published May 13, 2022
Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is... Moderate Unreviewed
CVE-2016-9129 was published May 13, 2022
A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505,... Moderate Unreviewed
CVE-2017-12373 was published May 13, 2022
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite... Moderate Unreviewed
CVE-2017-13099 was published May 13, 2022
In BIG-IP 11.5.1-11.5.8 and 11.6.1-11.6.3, the Configuration Utility login page may not follow... High Unreviewed
CVE-2019-6602 was published May 13, 2022
Teclib GLPI before 9.4.1.1 is affected by a timing attack associated with a cookie. High Unreviewed
CVE-2019-10233 was published May 13, 2022
Systems with microprocessors utilizing speculative execution and that perform speculative reads... Moderate Unreviewed
CVE-2018-3640 was published May 13, 2022
Systems with microprocessors utilizing speculative execution and address translations may allow... Moderate Unreviewed
CVE-2018-3620 was published May 13, 2022
Systems with microprocessors utilizing speculative execution and Intel software guard extensions ... Moderate Unreviewed
CVE-2018-3615 was published May 13, 2022
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows... Moderate Unreviewed
CVE-2018-10949 was published May 13, 2022
Vesta CP version Prior to commit f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 -- any release prior to... Critical Unreviewed
CVE-2018-1000884 was published May 13, 2022
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA... Moderate Unreviewed
CVE-2018-0495 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database