GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,763
Composer 4,750
Erlang 35
GitHub Actions 29
Go 2,323
Maven 5,608
npm 3,956
NuGet 712
pip 3,739
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,306

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

595 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information... Moderate Unreviewed

CVE-2021-34556 was published May 24, 2022

In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can... High Unreviewed

CVE-2021-34575 was published May 24, 2022

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information... Moderate Unreviewed

CVE-2021-35477 was published May 24, 2022

An attacker with physical access to Nuvoton Trusted Platform Module (NPCT75x 7.2.x before 7.2.2.0... Low Unreviewed

CVE-2020-25082 was published May 24, 2022

net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of... Low Unreviewed

CVE-2021-38209 was published May 24, 2022

A vulnerability, which was classified as problematic, was found in InSTEDD Nuntium. Affected is... Moderate Unreviewed

CVE-2022-4823 was published Dec 28, 2022

NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized... Moderate Unreviewed

CVE-2021-1109 was published May 24, 2022

Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks... High Unreviewed

CVE-2021-33560 was published May 24, 2022

In Kaden PICOFLUX Air in all known versions an information exposure through observable... Moderate Unreviewed

CVE-2021-34576 was published May 24, 2022

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated attacker to... Moderate Unreviewed

CVE-2021-20376 was published May 24, 2022

A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD... Moderate Unreviewed

CVE-2021-26318 was published May 24, 2022

In USB Manager, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2021-0975 was published Aug 12, 2022

Apache Hive Information Exposure and Observable Timing Discrepancy Moderate

CVE-2020-1926 was published for org.apache.hive:hive (Maven) Feb 9, 2022

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 authentication process... Moderate Unreviewed

CVE-2021-38476 was published May 24, 2022

In mymbCONNECT24, mbCONNECT24 <= 2.9.0 an unauthenticated user can enumerate valid backend users... High Unreviewed

CVE-2021-34580 was published May 24, 2022

Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage in MakePublicKey(). There is... Moderate Unreviewed

CVE-2021-43398 was published May 24, 2022

Information disclosure through timing and power side-channels during mod exponentiation for RSA... Critical Unreviewed

CVE-2021-1924 was published May 24, 2022

The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being... Moderate Unreviewed

CVE-2020-1968 was published May 24, 2022

An exposure of sensitive information vulnerability exists in TCExam <= 14.8.1. If a password... Moderate Unreviewed

CVE-2021-20113 was published May 24, 2022

In PackageInstaller, there is a possible way to determine whether an app is installed, without... Low Unreviewed

CVE-2022-20318 was published Aug 13, 2022

In ActivityManager, there is a possible way to determine whether an app is installed, without... Low Unreviewed

CVE-2022-20320 was published Aug 13, 2022

In Framework, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2022-20324 was published Aug 13, 2022

Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to... High Unreviewed

CVE-2022-37459 was published Aug 18, 2022

An information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in... Moderate Unreviewed

CVE-2020-35473 was published Nov 8, 2022

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to... Moderate Unreviewed

CVE-2022-1989 was published Aug 24, 2022

Previous 1 2 3 4 5 6 7 … 23 24 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

595 advisories