Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

367 advisories

Loading
Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX... Moderate Unreviewed
CVE-2025-3939 was published May 22, 2025
In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature... Moderate Unreviewed
CVE-2022-30332 was published Jan 10, 2023
CWE-203: Observable Discrepancy Moderate Unreviewed
CVE-2025-23182 was published May 22, 2025
Observable behavioral in power management throttling for some Intel(R) Processors may allow an... Moderate Unreviewed
CVE-2022-24436 was published Jun 16, 2022
Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to... Moderate Unreviewed
CVE-2021-33149 was published May 13, 2022
An information-disclosure vulnerability exists on select NXP devices when configured in Serial... Moderate Unreviewed
CVE-2022-45163 was published Nov 19, 2022
A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate... Moderate Unreviewed
CVE-2022-0564 was published Feb 22, 2022
Due to improper authentication mechanism an unauthenticated remote attacker can enumerate valid... Moderate Unreviewed
CVE-2021-47664 was published Apr 24, 2025
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access... Moderate Unreviewed
CVE-2022-46392 was published Dec 16, 2022
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite... Moderate Unreviewed
CVE-2017-13099 was published May 13, 2022
The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA... Moderate Unreviewed
CVE-2017-1000385 was published May 13, 2022
A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505,... Moderate Unreviewed
CVE-2017-12373 was published May 13, 2022
Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an... Moderate Unreviewed
CVE-2017-17427 was published May 13, 2022
Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is... Moderate Unreviewed
CVE-2016-9129 was published May 13, 2022
While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was... Moderate Unreviewed
CVE-2022-26382 was published Dec 22, 2022
An attacker could have exploited a timing attack by sending a large number of allowCredential... Moderate Unreviewed
CVE-2022-31742 was published Dec 22, 2022
Service Workers should not be able to infer information about opaque cross-origin responses; but... Moderate Unreviewed
CVE-2022-45403 was published Dec 22, 2022
Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an... Moderate Unreviewed
CVE-2024-11084 was published Apr 15, 2025
Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread... Moderate Unreviewed
CVE-2022-45416 was published Dec 22, 2022
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly... Moderate Unreviewed
CVE-2016-2178 was published May 13, 2022
During an annual penetration test conducted on behalf of Axis Communications, Truesec discovered... Moderate Unreviewed
CVE-2025-0361 was published Apr 8, 2025
CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the... Moderate Unreviewed
CVE-2004-0778 was published Apr 29, 2022
YaBB 1 SP 1.3.1 displays different error messages when a user exists or not, which makes it... Moderate Unreviewed
CVE-2004-0294 was published Apr 29, 2022
AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if... Moderate Unreviewed
CVE-2004-0243 was published Apr 29, 2022
Joe Testa hellbent 01 allows remote attackers to determine the full path of the web root... Moderate Unreviewed
CVE-2002-2094 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database