GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,381

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

299 advisories

Filter by severity

Sort by

Least recently updated

Symantec SSL Visibility (SSLV) 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, and 3.12 prior to 3.12.2.1... Moderate Unreviewed

CVE-2017-15533 was published May 13, 2022

Symantec IntelligenceCenter 3.3 is vulnerable to the Return of the Bleichenbacher Oracle Threat ... Moderate Unreviewed

CVE-2017-18268 was published May 13, 2022

The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks... Moderate Unreviewed

CVE-2019-9494 was published May 13, 2022

The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel... Moderate Unreviewed

CVE-2019-9495 was published May 13, 2022

The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly... Moderate Unreviewed

CVE-2016-2178 was published May 13, 2022

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to... Moderate Unreviewed

CVE-2019-1559 was published May 13, 2022

A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and... Moderate Unreviewed

CVE-2017-5107 was published May 13, 2022

Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to... Moderate Unreviewed

CVE-2021-33149 was published May 13, 2022

The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The... Moderate Unreviewed

CVE-2021-33845 was published May 7, 2022

The NPSVG3.dll ActiveX control for Adobe SVG Viewer 3.02 and earlier, when running on Internet... Moderate Unreviewed

CVE-2005-0918 was published May 1, 2022

The firewall in Astaro Security Linux before 4.024 sends responses to SYN-FIN packets, which... Moderate Unreviewed

CVE-2004-2252 was published Apr 29, 2022

Nettica Corporation INTELLIPEER Email Server 1.01 displays different error messages for valid and... Moderate Unreviewed

CVE-2004-2150 was published Apr 29, 2022

ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given... Moderate Unreviewed

CVE-2004-1602 was published Apr 29, 2022

ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of... Moderate Unreviewed

CVE-2004-1428 was published Apr 29, 2022

Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a... Moderate Unreviewed

CVE-2003-0637 was published Apr 29, 2022

OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an... Moderate Unreviewed

CVE-2003-0190 was published Apr 29, 2022

Hills ComNav version 3002-19 suffers from a weak communication channel. Traffic across the local... Moderate Unreviewed

CVE-2022-1318 was published Apr 21, 2022

IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due... Moderate Unreviewed

CVE-2022-22356 was published Apr 6, 2022

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed

CVE-2021-39744 was published Mar 31, 2022

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed

CVE-2021-39745 was published Mar 31, 2022

In Framework, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2021-39756 was published Mar 31, 2022

In DevicePolicyManager, there is a possible way to reveal the existence of an installed package... Moderate Unreviewed

CVE-2021-39755 was published Mar 31, 2022

In ContextImpl, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2021-39754 was published Mar 31, 2022

In AudioService, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2021-39760 was published Mar 31, 2022

In Settings, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2021-39766 was published Mar 31, 2022

Previous 1 2 … 8 9 10 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

299 advisories