Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,757
Erlang
35
GitHub Actions
29
Go
2,327
Maven
5,000+
npm
3,960
NuGet
712
pip
3,741
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

596 advisories

Loading
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2),... High Unreviewed
CVE-2017-6168 was published May 13, 2022
Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an... Moderate Unreviewed
CVE-2017-17427 was published May 13, 2022
A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505,... Moderate Unreviewed
CVE-2017-12373 was published May 13, 2022
The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA... Moderate Unreviewed
CVE-2017-1000385 was published May 13, 2022
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite... Moderate Unreviewed
CVE-2017-13099 was published May 13, 2022
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access... Moderate Unreviewed
CVE-2022-46392 was published Dec 16, 2022
Due to improper authentication mechanism an unauthenticated remote attacker can enumerate valid... Moderate Unreviewed
CVE-2021-47664 was published Apr 24, 2025
A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate... Moderate Unreviewed
CVE-2022-0564 was published Feb 22, 2022
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Invalidate FPU... High Unreviewed
CVE-2021-47226 was published May 21, 2024
An information-disclosure vulnerability exists on select NXP devices when configured in Serial... Moderate Unreviewed
CVE-2022-45163 was published Nov 19, 2022
Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to... Moderate Unreviewed
CVE-2021-33149 was published May 13, 2022
Observable behavioral in power management throttling for some Intel(R) Processors may allow an... Moderate Unreviewed
CVE-2022-24436 was published Jun 16, 2022
Keystone has an unintended `isFilterable` bypass that can be used as an oracle to match hidden fields Low
CVE-2025-46720 was published for @keystone-6/core (npm) May 5, 2025
emmatown dcousens
HCL MyXalytics is affected by username enumeration vulnerability. This allows a malicious user... Low Unreviewed
CVE-2024-42174 was published Jan 11, 2025
CWE-203: Observable Discrepancy Moderate Unreviewed
CVE-2025-23182 was published May 22, 2025
A minor information leak when running Screen with setuid-root privileges allosw unprivileged... Low Unreviewed
CVE-2025-46804 was published May 26, 2025
ZITADEL "ignoring unknown usernames" vulnerability Moderate
CVE-2024-41952 was published for github.com/zitadel/zitadel (Go) Jul 31, 2024
livio-a
Mautic allows user name enumeration due to response time difference on password reset form Moderate
CVE-2024-47057 was published for mautic/core (Composer) May 28, 2025
patrykgruszka nick-vanpraet
In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature... Moderate Unreviewed
CVE-2022-30332 was published Jan 10, 2023
Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX... Moderate Unreviewed
CVE-2025-3939 was published May 22, 2025
NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack... Moderate Unreviewed
CVE-2023-5388 was published Mar 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database