Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
Padding Oracle Attack due to Observable Timing Discrepancy in jose Moderate
CVE-2021-29443 was published for jose (npm) Apr 19, 2021
Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-esm-runtime Moderate
CVE-2021-29445 was published for jose-node-esm-runtime (npm) Apr 19, 2021
Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime Moderate
CVE-2021-29446 was published for jose-node-cjs-runtime (npm) Apr 19, 2021
skylot jadx affected by Incorrect Behavior Order in vulnerable dependency Moderate
GHSA-fjh6-p566-wr6q was published for io.github.skylot:jadx-core (Maven) Jul 21, 2022
Roulettiq
Incorrect behavior order in the Command Centre Server could allow privileged users to gain... Moderate Unreviewed
CVE-2023-23576 was published Dec 19, 2023
Potential DoS via the Tudoor mechanism in eventlet and dnspython Moderate
CVE-2023-29483 was published for dnspython (pip) Apr 11, 2024
An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300... Moderate Unreviewed
CVE-2024-30410 was published Apr 12, 2024
An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper... Moderate Unreviewed
CVE-2024-30389 was published Apr 12, 2024
An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user... Moderate Unreviewed
CVE-2024-45157 was published Sep 5, 2024
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11... Moderate Unreviewed
CVE-2023-52968 was published Mar 9, 2025
Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated... Moderate Unreviewed
CVE-2025-20012 was published May 13, 2025
In WhiteBeam 0.2.0 through 0.2.1 before 0.2.2, a user with local access to a server can bypass... Moderate Unreviewed
CVE-2021-47688 was published Jun 23, 2025
Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtls_asn1_store_named_data can... Moderate Unreviewed
CVE-2025-48965 was published Jul 20, 2025
The improper order of AUTHORIZED_CTM_IP validation in the Control-M/Agent, where the Control-M... Moderate Unreviewed
CVE-2025-55114 was published Sep 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database