GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
371 advisories
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy
Moderate | Unreviewed | CVE-2023-37217 was published Jul 30, 2023

User enumeration in On-premise SureMDM Solution on Windows deployment allows attacker to...
Moderate | Unreviewed | CVE-2023-3897 was published Jul 25, 2023

A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping...
High | Unreviewed | CVE-2023-3640 was published Jul 24, 2023

A potential power side-channel vulnerability in some AMD processors may allow an authenticated...
Moderate | Unreviewed | CVE-2023-20575 was published Jul 11, 2023

Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify...
Moderate | Unreviewed | CVE-2023-35698 was published Jul 10, 2023

A vulnerability classified as problematic has been found in Rotem Dynamics Rotem CRM up to...
Moderate | Unreviewed | CVE-2023-3529 was published Jul 6, 2023

Under certain circumstances a C•CURE Portal user could enumerate user accounts in C•CURE 9000...
Moderate | Unreviewed | CVE-2021-36201 was published Jul 6, 2023

TN-5900 Series version 3.3 and prior versions is vulnerable to user enumeration vulnerability....
Moderate | Unreviewed | CVE-2023-3336 was published Jul 5, 2023

The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a...
Moderate | Unreviewed | CVE-2023-3139 was published Jul 4, 2023

User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames.
Moderate | Unreviewed | CVE-2023-22359 was published Jun 26, 2023

AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use...
Moderate | Unreviewed | CVE-2023-34344 was published Jun 12, 2023

IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based...
High | Unreviewed | CVE-2023-32342 was published May 31, 2023

Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy
Moderate | Unreviewed | CVE-2023-31186 was published May 30, 2023

When supplied with a random MAC address, Snap One OvrC cloud servers will return...
Moderate | Unreviewed | CVE-2023-28412 was published May 22, 2023

Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215,...
Moderate | Unreviewed | CVE-2023-23449 was published May 15, 2023

The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be...
Moderate | Unreviewed | CVE-2022-40482 was published Apr 25, 2023

A username enumeration issue was discovered in Medicine Tracker System 1.0. The login...
Moderate | Unreviewed | CVE-2023-30458 was published Apr 24, 2023

io.finnet tss-lib before 2.0.0 can leak the lambda value of a private key via a timing side...
Unknown | Unreviewed | CVE-2023-26557 was published Apr 21, 2023

io.finnet tss-lib before 2.0.0 can leak a secret key via a timing side-channel attack because it...
Unknown | Unreviewed | CVE-2023-26556 was published Apr 21, 2023

A vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions...
Moderate | Unreviewed | CVE-2023-27464 was published Apr 11, 2023

An issue was discovered in MCUBO ICT through 10.12.4 (aka 6.0.2). An Observable Response...
High | Unreviewed | CVE-2023-26071 was published Mar 28, 2023

The Raccoon attack is a timing attack on DHE ciphersuites inherent in the TLS specification. To...
Moderate | Unreviewed | CVE-2020-12413 was published Feb 17, 2023

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS....
High | Unreviewed | CVE-2023-0361 was published Feb 15, 2023

NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use...
Moderate | Unreviewed | CVE-2022-42288 was published Jan 13, 2023

TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for...
High | Unreviewed | CVE-2022-4499 was published Jan 11, 2023
ProTip! Advisories are also available from the GraphQL API.