GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
595 advisories
SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management...
Moderate · Unreviewed · CVE-2020-5143 was published May 24, 2022

When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series...
Moderate · Unreviewed · CVE-2020-1685 was published May 24, 2022

A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to...
Moderate · Unreviewed · CVE-2020-12912 was published May 24, 2022

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco...
Moderate · Unreviewed · CVE-2020-3585 was published May 24, 2022

A timing side channel was discovered in AT91bootstrap before 3.9.2. It can be exploited by...
Moderate · Unreviewed · CVE-2020-11683 was published May 24, 2022

In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure....
Moderate · Unreviewed · CVE-2020-0464 was published May 24, 2022

An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any...
Low · Unreviewed · CVE-2020-29480 was published May 24, 2022

An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1. The non-admin...
Moderate · Unreviewed · CVE-2020-35624 was published May 24, 2022

A username enumeration issue was discovered in SquaredUp before version 4.6.0. The login...
Moderate · Unreviewed · CVE-2020-9389 was published May 24, 2022

An email address enumeration vulnerability exists in the password reset function of Rocket.Chat...
Moderate · Unreviewed · CVE-2020-28208 was published May 24, 2022

Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES...
Moderate · Unreviewed · CVE-2020-28368 was published May 24, 2022

An issue was discovered in MediaWiki before 1.35.1. Missing users (accounts that don't exist) and...
Moderate · Unreviewed · CVE-2020-35480 was published May 24, 2022

Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72...
Moderate · Unreviewed · CVE-2021-21173 was published May 24, 2022

An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR...
Moderate · Unreviewed · CVE-2021-27342 was published May 24, 2022

Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against...
Moderate · Unreviewed · CVE-2020-27211 was published May 24, 2022

The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider...
Moderate · Unreviewed · CVE-2013-1620 was published May 14, 2022

Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized...
Moderate · Unreviewed · CVE-2021-0001 was published May 24, 2022

IBM Security Identity Manager 7.0.2 could allow a remote user to enumerate usernames due to a...
Moderate · Unreviewed · CVE-2021-29687 was published May 24, 2022

Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a...
Moderate · Unreviewed · CVE-2021-21181 was published May 24, 2022

Improper permissions in the installer for the Intel(R) Brand Verification Tool before version 11...
Moderate · Unreviewed · CVE-2021-0086 was published May 24, 2022

Observable response discrepancy in some Intel(R) Processors may allow an authorized user to...
Moderate · Unreviewed · CVE-2021-0089 was published May 24, 2022

Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to...
Low · Unreviewed · CVE-2020-24512 was published May 24, 2022

In Rust SGX 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level...
Moderate · Unreviewed · CVE-2021-24117 was published May 24, 2022

In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system...
Moderate · Unreviewed · CVE-2021-24116 was published May 24, 2022

In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to...
Low · Unreviewed · CVE-2022-20535 was published Dec 21, 2022