GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,643
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
282 advisories
Filter by severity
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An...
Moderate
Unreviewed
CVE-2022-27221
was published
Jun 15, 2022
An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could...
Moderate
Unreviewed
CVE-2022-0823
was published
Jun 10, 2022
As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore)...
Moderate
Unreviewed
CVE-2022-32273
was published
Jun 9, 2022
An exposure of sensitive information vulnerability exists in TCExam <= 14.8.1. If a password...
Moderate
Unreviewed
CVE-2021-20113
was published
May 24, 2022
Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage in MakePublicKey(). There is...
Moderate
Unreviewed
CVE-2021-43398
was published
May 24, 2022
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 authentication process...
Moderate
Unreviewed
CVE-2021-38476
was published
May 24, 2022
A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD...
Moderate
Unreviewed
CVE-2021-26318
was published
May 24, 2022
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated attacker to...
Moderate
Unreviewed
CVE-2021-20376
was published
May 24, 2022
In Kaden PICOFLUX Air in all known versions an information exposure through observable...
Moderate
Unreviewed
CVE-2021-34576
was published
May 24, 2022
NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized...
Moderate
Unreviewed
CVE-2021-1109
was published
May 24, 2022
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information...
Moderate
Unreviewed
CVE-2021-35477
was published
May 24, 2022
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information...
Moderate
Unreviewed
CVE-2021-34556
was published
May 24, 2022
An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular...
Moderate
Unreviewed
CVE-2020-36421
was published
May 24, 2022
An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC...
Moderate
Unreviewed
CVE-2020-36422
was published
May 24, 2022
An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for...
Moderate
Unreviewed
CVE-2020-36424
was published
May 24, 2022
In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding...
Moderate
Unreviewed
CVE-2021-24119
was published
May 24, 2022
In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system...
Moderate
Unreviewed
CVE-2021-24116
was published
May 24, 2022
In Rust SGX 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level ...
Moderate
Unreviewed
CVE-2021-24117
was published
May 24, 2022
Observable behavioral discrepancy vulnerability in QSAN Storage Manager allows remote attackers...
Moderate
Unreviewed
CVE-2021-32528
was published
May 24, 2022
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g.,...
Moderate
Unreviewed
CVE-2021-33624
was published
May 24, 2022
Potential floating point value injection in all supported CPU products, in conjunction with...
Moderate
Unreviewed
CVE-2021-26314
was published
May 24, 2022
Potential speculative code store bypass in all supported CPU products, in conjunction with...
Moderate
Unreviewed
CVE-2021-26313
was published
May 24, 2022
Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized...
Moderate
Unreviewed
CVE-2021-0001
was published
May 24, 2022
Improper permissions in the installer for the Intel(R) Brand Verification Tool before version 11...
Moderate
Unreviewed
CVE-2021-0086
was published
May 24, 2022
Observable response discrepancy in some Intel(R) Processors may allow an authorized user to...
Moderate
Unreviewed
CVE-2021-0089
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API