GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
45 advisories
A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker...
High · Unreviewed · CVE-2021-20049 was published Dec 24, 2021

A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS...
High · Unreviewed · CVE-2021-42016 was published Mar 9, 2022

An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised...
High · Unreviewed · CVE-2020-36517 was published Mar 11, 2022

On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2),...
High · Unreviewed · CVE-2017-6168 was published May 13, 2022

The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys...
High · Unreviewed · CVE-2016-6489 was published May 13, 2022

Teclib GLPI before 9.4.1.1 is affected by a timing attack associated with a cookie.
High · Unreviewed · CVE-2019-10233 was published May 13, 2022

In BIG-IP 11.5.1-11.5.8 and 11.6.1-11.6.3, the Configuration Utility login page may not follow...
High · Unreviewed · CVE-2019-6602 was published May 13, 2022

If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous...
High · Unreviewed · CVE-2019-9815 was published May 24, 2022

An information disclosure vulnerability exists in the Rocket.Chat server fixed v3.13, v3.12.2 &...
High · Unreviewed · CVE-2021-22892 was published May 24, 2022

Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks...
High · Unreviewed · CVE-2021-33560 was published May 24, 2022

In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can...
High · Unreviewed · CVE-2021-34575 was published May 24, 2022

Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2...
High · Unreviewed · CVE-2021-38562 was published May 24, 2022

In mymbCONNECT24, mbCONNECT24 <= 2.9.0 an unauthenticated user can enumerate valid backend users...
High · Unreviewed · CVE-2021-34580 was published May 24, 2022

Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU...
High · Unreviewed · CVE-2021-46778 was published Aug 11, 2022

A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance ...
High · Unreviewed · CVE-2022-20866 was published Aug 11, 2022

Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to...
High · Unreviewed · CVE-2022-37459 was published Aug 18, 2022

The Clerk WordPress plugin before 4.0.0 is affected by time-based attacks in the validation...
High · Unreviewed · CVE-2022-3907 was published Dec 5, 2022

A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected...
High · Unreviewed · CVE-2013-10006 was published Jan 1, 2023

** DISPUTED ** The AES instructions on the ARMv8 platform do not have an algorithm that is ...
High · Unreviewed · CVE-2022-48251 was published Jan 10, 2023

TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for...
High · Unreviewed · CVE-2022-4499 was published Jan 11, 2023

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS....
High · Unreviewed · CVE-2023-0361 was published Feb 15, 2023

An issue was discovered in MCUBO ICT through 10.12.4 (aka 6.0.2). An Observable Response...
High · Unreviewed · CVE-2023-26071 was published Mar 28, 2023

IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based...
High · Unreviewed · CVE-2023-32342 was published May 31, 2023

TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem...
High · Unreviewed · CVE-2023-34669 was published Jul 17, 2023

A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping...
High · Unreviewed · CVE-2023-3640 was published Jul 24, 2023
ProTip! Advisories are also available from the GraphQL API.