Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,643
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

282 advisories

Loading
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An... Moderate Unreviewed
CVE-2022-27221 was published Jun 15, 2022
An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could... Moderate Unreviewed
CVE-2022-0823 was published Jun 10, 2022
As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore)... Moderate Unreviewed
CVE-2022-32273 was published Jun 9, 2022
An exposure of sensitive information vulnerability exists in TCExam <= 14.8.1. If a password... Moderate Unreviewed
CVE-2021-20113 was published May 24, 2022
Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage in MakePublicKey(). There is... Moderate Unreviewed
CVE-2021-43398 was published May 24, 2022
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 authentication process... Moderate Unreviewed
CVE-2021-38476 was published May 24, 2022
A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD... Moderate Unreviewed
CVE-2021-26318 was published May 24, 2022
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated attacker to... Moderate Unreviewed
CVE-2021-20376 was published May 24, 2022
In Kaden PICOFLUX Air in all known versions an information exposure through observable... Moderate Unreviewed
CVE-2021-34576 was published May 24, 2022
NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized... Moderate Unreviewed
CVE-2021-1109 was published May 24, 2022
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information... Moderate Unreviewed
CVE-2021-35477 was published May 24, 2022
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information... Moderate Unreviewed
CVE-2021-34556 was published May 24, 2022
An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular... Moderate Unreviewed
CVE-2020-36421 was published May 24, 2022
An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC... Moderate Unreviewed
CVE-2020-36422 was published May 24, 2022
An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for... Moderate Unreviewed
CVE-2020-36424 was published May 24, 2022
In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding... Moderate Unreviewed
CVE-2021-24119 was published May 24, 2022
In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system... Moderate Unreviewed
CVE-2021-24116 was published May 24, 2022
In Rust SGX 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level ... Moderate Unreviewed
CVE-2021-24117 was published May 24, 2022
Observable behavioral discrepancy vulnerability in QSAN Storage Manager allows remote attackers... Moderate Unreviewed
CVE-2021-32528 was published May 24, 2022
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g.,... Moderate Unreviewed
CVE-2021-33624 was published May 24, 2022
Potential floating point value injection in all supported CPU products, in conjunction with... Moderate Unreviewed
CVE-2021-26314 was published May 24, 2022
Potential speculative code store bypass in all supported CPU products, in conjunction with... Moderate Unreviewed
CVE-2021-26313 was published May 24, 2022
Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized... Moderate Unreviewed
CVE-2021-0001 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Brand Verification Tool before version 11... Moderate Unreviewed
CVE-2021-0086 was published May 24, 2022
Observable response discrepancy in some Intel(R) Processors may allow an authorized user to... Moderate Unreviewed
CVE-2021-0089 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database