GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 29,827
Composer 5,724
Erlang 50
GitHub Actions 50
Go 3,673
Maven 6,472
npm 6,000
NuGet 932
pip 4,891
Pub 13
RubyGems 1,051
Rust 1,315
Swift 53

Unreviewed advisories

All unreviewed 300,570

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

39 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest... Moderate Unreviewed

CVE-2026-33006 was published May 4, 2026

An attacker on the same network as the remote application may be able to utilize a timing attack... High Unreviewed

CVE-2026-40972 was published Apr 28, 2026

Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For... High Unreviewed

CVE-2026-5086 was published Apr 14, 2026

In drawLayersInternal of SkiaRenderEngine.cpp, there is a possible way to access the GPU cache... High Unreviewed

CVE-2025-48630 was published Mar 2, 2026

Observable Timing Discrepancy (CWE-208) in HBUS devices may allow an attacker with physical... Moderate Unreviewed

CVE-2025-52457 was published Nov 18, 2025

Mbed TLS through 3.6.4 has an Observable Timing Discrepancy. Moderate Unreviewed

CVE-2025-59438 was published Oct 21, 2025

Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct... Moderate Unreviewed

CVE-2025-54764 was published Oct 21, 2025

Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all... Moderate Unreviewed

CVE-2025-7383 was published Aug 29, 2025

Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions... Moderate Unreviewed

CVE-2025-7071 was published Aug 29, 2025

Observable timing discrepancy in firmware for some Intel(R) CSME and Intel(R) SPS may allow a... Moderate Unreviewed

CVE-2025-20067 was published Aug 12, 2025

Execution time for an unsuccessful login differs when using a non-existing username compared to... Low Unreviewed

CVE-2024-36469 was published Apr 2, 2025

String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow... High Unreviewed

CVE-2024-13939 was published Mar 28, 2025

An issue was discovered in OpenSlides before 4.2.5. During login at the /system/auth/login/... Moderate Unreviewed

CVE-2025-30344 was published Mar 21, 2025

IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow a remote attacker to... Moderate Unreviewed

CVE-2024-22340 was published Mar 11, 2025

An issue was discovered in the Winbox service of MikroTik RouterOS v6.43 through v7.16.1. A... Moderate Unreviewed

CVE-2024-54772 was published Feb 12, 2025

GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp... Moderate Unreviewed

CVE-2024-56738 was published Dec 29, 2024

Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1... High Unreviewed

CVE-2024-31074 was published Nov 13, 2024

IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to... Moderate Unreviewed

CVE-2024-41741 was published Nov 1, 2024

mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack... High Unreviewed

CVE-2024-7010 was published Oct 29, 2024

The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against... Moderate Unreviewed

CVE-2024-1543 was published Aug 30, 2024

An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. The AES implementation is... Critical Unreviewed

CVE-2024-45191 was published Aug 22, 2024

Windows Kerberos Elevation of Privilege Vulnerability High Unreviewed

CVE-2024-29995 was published Aug 13, 2024

In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time Low Unreviewed

CVE-2024-41828 was published Jul 22, 2024

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite,... Moderate Unreviewed

CVE-2020-35165 was published May 22, 2024

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be... Moderate Unreviewed

CVE-2024-2467 was published Apr 25, 2024

Previous12 Next

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

39 advisories