Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,690
Maven
5,000+
npm
4,320
NuGet
760
pip
4,096
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

32 advisories

Loading
A vulnerability was found in Pylons horus and classified as problematic. Affected by this issue... Moderate Unreviewed
CVE-2014-125056 was published Jan 7, 2023
A vulnerability, which was classified as problematic, was found in InSTEDD Nuntium. Affected is... Moderate Unreviewed
CVE-2022-4823 was published Dec 28, 2022
A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected... High Unreviewed
CVE-2013-10006 was published Jan 1, 2023
Potential floating point value injection in all supported CPU products, in conjunction with... Moderate Unreviewed
CVE-2021-26314 was published May 24, 2022
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM... Moderate Unreviewed
CVE-2023-41097 was published Dec 21, 2023
NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated... High Unreviewed
CVE-2023-25529 was published Sep 20, 2023
A security vulnerability has been identified in the cryptlib cryptographic library when cryptlib... Moderate Unreviewed
CVE-2024-0202 was published Feb 5, 2024
Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy... Moderate Unreviewed
CVE-2021-21575 was published Feb 2, 2024
The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM,... Moderate Unreviewed
CVE-2022-25332 was published Oct 19, 2023
In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time Low Unreviewed
CVE-2024-41828 was published Jul 22, 2024
The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.... Critical Unreviewed
CVE-2023-41313 was published Mar 12, 2024
Windows Kerberos Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-29995 was published Aug 13, 2024
An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. The AES implementation is... Critical Unreviewed
CVE-2024-45191 was published Aug 22, 2024
The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against... Moderate Unreviewed
CVE-2024-1543 was published Aug 30, 2024
Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1... High Unreviewed
CVE-2024-31074 was published Nov 13, 2024
IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to... Moderate Unreviewed
CVE-2024-41741 was published Nov 1, 2024
GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp... Moderate Unreviewed
CVE-2024-56738 was published Dec 29, 2024
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite,... Moderate Unreviewed
CVE-2020-35165 was published May 22, 2024
An issue was discovered in the Winbox service of MikroTik RouterOS v6.43 through v7.16.1. A... Moderate Unreviewed
CVE-2024-54772 was published Feb 12, 2025
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow a remote attacker to... Moderate Unreviewed
CVE-2024-22340 was published Mar 11, 2025
An issue was discovered in OpenSlides before 4.2.5. During login at the /system/auth/login/... Moderate Unreviewed
CVE-2025-30344 was published Mar 21, 2025
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may... Moderate Unreviewed
CVE-2024-2236 was published Mar 7, 2024
String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow... High Unreviewed
CVE-2024-13939 was published Mar 28, 2025
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... High Unreviewed
CVE-2021-42016 was published Mar 9, 2022
Observable timing discrepancy in firmware for some Intel(R) CSME and Intel(R) SPS may allow a... Moderate Unreviewed
CVE-2025-20067 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database