GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,645
Composer 4,233
Erlang 31
GitHub Actions 20
Go 1,992
Maven 5,179
npm 3,709
NuGet 661
pip 3,346
Pub 11
RubyGems 884
Rust 846
Swift 36

Unreviewed advisories

All unreviewed 234,947

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

302 advisories

Filter by severity

Sort by

Least recently updated

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error... Moderate Unreviewed

CVE-2024-38322 was published Jun 29, 2024

A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected... Moderate Unreviewed

CVE-2024-6129 was published Jun 18, 2024

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as... Moderate Unreviewed

CVE-2024-6056 was published Jun 17, 2024

Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the... Moderate Unreviewed

CVE-2024-38465 was published Jun 16, 2024

By monitoring the time certain operations take, an attacker could have guessed which external... Moderate Unreviewed

CVE-2024-5690 was published Jun 11, 2024

IBM i 7.2, 7.3, 7.4, and 7.5 Service Tools Server (SST) is vulnerable to SST user enumeration by... Moderate Unreviewed

CVE-2024-31878 was published Jun 7, 2024

A privacy issue was addressed by moving sensitive data to a more secure location. This issue is... Moderate Unreviewed

CVE-2024-27839 was published May 14, 2024

In Logpoint before 7.4.0, an attacker can enumerate a valid list of usernames by using publicly... Moderate Unreviewed

CVE-2024-30176 was published May 1, 2024

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be... Moderate Unreviewed

CVE-2024-2467 was published Apr 25, 2024

A timing-based side-channel exists in the rust-openssl package, which could be sufficient to... Moderate Unreviewed

CVE-2024-3296 was published Apr 4, 2024

This issue occurs during password recovery, where a difference in messages could allow an... Moderate Unreviewed

CVE-2024-2464 was published Mar 21, 2024

User enumeration can occur in the Authentication REST API in Delinea PAM Secret Server 11.4. This... Moderate Unreviewed

CVE-2024-25651 was published Mar 14, 2024

User enumeration vulnerability in Liferay Portal 7.2.0 through 7.4.3.26, and older unsupported... Moderate Unreviewed

CVE-2024-26268 was published Feb 20, 2024

wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a... Moderate Unreviewed

CVE-2023-6935 was published Feb 10, 2024

A security vulnerability has been identified in the cryptlib cryptographic library when cryptlib... Moderate Unreviewed

CVE-2024-0202 was published Feb 5, 2024

A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the... Moderate Unreviewed

CVE-2023-6240 was published Feb 4, 2024

Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy... Moderate Unreviewed

CVE-2021-21575 was published Feb 2, 2024

A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as... Moderate Unreviewed

CVE-2023-5992 was published Jan 31, 2024

An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing... Moderate Unreviewed

CVE-2024-23170 was published Jan 31, 2024

A timing side-channel vulnerability has been discovered in the opencryptoki package while... Moderate Unreviewed

CVE-2024-0914 was published Jan 31, 2024

A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of... Moderate Unreviewed

CVE-2024-0564 was published Jan 30, 2024

An user enumeration vulnerability was found in SEO Panel 4.10.0. This issue occurs during user... Moderate Unreviewed

CVE-2024-22647 was published Jan 30, 2024

A timing side-channel issue was addressed with improvements to constant-time computation in... Moderate Unreviewed

CVE-2024-23218 was published Jan 23, 2024

A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK... Moderate Unreviewed

CVE-2024-0553 was published Jan 16, 2024

Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during decryption with PKCS#1 v1... Moderate Unreviewed

CVE-2023-50979 was published Dec 27, 2023

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

302 advisories