Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,496
Maven
5,000+
npm
4,138
NuGet
735
pip
3,945
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

374 advisories

Loading
In multiple locations, there is a possible way to access data displayed on the screen due to side... Moderate Unreviewed
CVE-2025-48561 was published Sep 4, 2025
Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique... Moderate Unreviewed
CVE-2022-34704 was published Aug 10, 2022
In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset... Moderate Unreviewed
CVE-2022-22120 was published Jan 11, 2022
A security flaw has been discovered in Portabilis i-Diario up to 1.5.0. Affected by this... Moderate Unreviewed
CVE-2025-9109 was published Aug 18, 2025
The public-facing product registration endpoint server responds differently depending on whether... Moderate Unreviewed
CVE-2025-47872 was published Aug 8, 2025
there is a possible information disclosure due to side channel information disclosure. This could... Moderate Unreviewed
CVE-2024-32926 was published Jun 13, 2024
An issue was discovered in eGroupWare 17.1.20190111. A User Enumeration vulnerability exists... Moderate Unreviewed
CVE-2023-38327 was published Jul 11, 2025
A vulnerability in the External Interface of OTRS allows conclusions to be drawn about the... Moderate Unreviewed
CVE-2025-24391 was published Jul 14, 2025
Timing difference in password reset in Ergon Informatik AG's Airlock IAM 7.7.9, 8.0.8, 8.1.7, 8.2... Moderate Unreviewed
CVE-2025-6056 was published Jul 4, 2025
An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing... Moderate Unreviewed
CVE-2024-23170 was published Jan 31, 2024
NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack... Moderate Unreviewed
CVE-2023-5388 was published Mar 19, 2024
Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX... Moderate Unreviewed
CVE-2025-3939 was published May 22, 2025
In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature... Moderate Unreviewed
CVE-2022-30332 was published Jan 10, 2023
CWE-203: Observable Discrepancy Moderate Unreviewed
CVE-2025-23182 was published May 22, 2025
Observable behavioral in power management throttling for some Intel(R) Processors may allow an... Moderate Unreviewed
CVE-2022-24436 was published Jun 16, 2022
Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to... Moderate Unreviewed
CVE-2021-33149 was published May 13, 2022
An information-disclosure vulnerability exists on select NXP devices when configured in Serial... Moderate Unreviewed
CVE-2022-45163 was published Nov 19, 2022
A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate... Moderate Unreviewed
CVE-2022-0564 was published Feb 22, 2022
Due to improper authentication mechanism an unauthenticated remote attacker can enumerate valid... Moderate Unreviewed
CVE-2021-47664 was published Apr 24, 2025
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access... Moderate Unreviewed
CVE-2022-46392 was published Dec 16, 2022
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite... Moderate Unreviewed
CVE-2017-13099 was published May 13, 2022
The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA... Moderate Unreviewed
CVE-2017-1000385 was published May 13, 2022
A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505,... Moderate Unreviewed
CVE-2017-12373 was published May 13, 2022
Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an... Moderate Unreviewed
CVE-2017-17427 was published May 13, 2022
Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is... Moderate Unreviewed
CVE-2016-9129 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database