Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

371 advisories

Loading
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy Moderate Unreviewed
CVE-2023-37217 was published Jul 30, 2023
User enumeration in On-premise SureMDM Solution on Windows deployment allows attacker to... Moderate Unreviewed
CVE-2023-3897 was published Jul 25, 2023
A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping... High Unreviewed
CVE-2023-3640 was published Jul 24, 2023
A potential power side-channel vulnerability in some AMD processors may allow an authenticated... Moderate Unreviewed
CVE-2023-20575 was published Jul 11, 2023
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify... Moderate Unreviewed
CVE-2023-35698 was published Jul 10, 2023
A vulnerability classified as problematic has been found in Rotem Dynamics Rotem CRM up to... Moderate Unreviewed
CVE-2023-3529 was published Jul 6, 2023
Under certain circumstances a C•CURE Portal user could enumerate user accounts in C•CURE 9000... Moderate Unreviewed
CVE-2021-36201 was published Jul 6, 2023
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability.... Moderate Unreviewed
CVE-2023-3336 was published Jul 5, 2023
The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a... Moderate Unreviewed
CVE-2023-3139 was published Jul 4, 2023
User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames. Moderate Unreviewed
CVE-2023-22359 was published Jun 26, 2023
AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use... Moderate Unreviewed
CVE-2023-34344 was published Jun 12, 2023
IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based... High Unreviewed
CVE-2023-32342 was published May 31, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy Moderate Unreviewed
CVE-2023-31186 was published May 30, 2023
When supplied with a random MAC address, Snap One OvrC cloud servers will return... Moderate Unreviewed
CVE-2023-28412 was published May 22, 2023
Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215,... Moderate Unreviewed
CVE-2023-23449 was published May 15, 2023
The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be... Moderate Unreviewed
CVE-2022-40482 was published Apr 25, 2023
A username enumeration issue was discovered in Medicine Tracker System 1.0. The login... Moderate Unreviewed
CVE-2023-30458 was published Apr 24, 2023
io.finnet tss-lib before 2.0.0 can leak the lambda value of a private key via a timing side... Unknown Unreviewed
CVE-2023-26557 was published Apr 21, 2023
io.finnet tss-lib before 2.0.0 can leak a secret key via a timing side-channel attack because it... Unknown Unreviewed
CVE-2023-26556 was published Apr 21, 2023
A vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions... Moderate Unreviewed
CVE-2023-27464 was published Apr 11, 2023
An issue was discovered in MCUBO ICT through 10.12.4 (aka 6.0.2). An Observable Response... High Unreviewed
CVE-2023-26071 was published Mar 28, 2023
The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To... Moderate Unreviewed
CVE-2020-12413 was published Feb 17, 2023
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS.... High Unreviewed
CVE-2023-0361 was published Feb 15, 2023
NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use... Moderate Unreviewed
CVE-2022-42288 was published Jan 13, 2023
TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for... High Unreviewed
CVE-2022-4499 was published Jan 11, 2023
ProTip! Advisories are also available from the GraphQL API