Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

550 advisories

Loading
A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically... High Unreviewed
CVE-2024-5124 was published Jun 6, 2024
TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem... High Unreviewed
CVE-2023-34669 was published Jul 17, 2023
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported... Moderate Unreviewed
CVE-2024-21233 was published Oct 15, 2024
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are... Low Unreviewed
CVE-2024-21251 was published Oct 15, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed
CVE-2024-21208 was published Oct 15, 2024
Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are... Low Unreviewed
CVE-2024-21210 was published Oct 15, 2024
Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business... Moderate Unreviewed
CVE-2024-21206 was published Oct 15, 2024
By checking the result of calls to `window.open` with specifically set protocol handlers, an... Moderate Unreviewed
CVE-2024-9398 was published Oct 1, 2024
This issue occurs during password recovery, where a difference in messages could allow an... Moderate Unreviewed
CVE-2024-2464 was published Mar 21, 2024
Django allows enumeration of user e-mail addresses Moderate
CVE-2024-45231 was published for Django (pip) Oct 8, 2024
In Logpoint before 7.4.0, an attacker can enumerate a valid list of usernames by using publicly... Moderate Unreviewed
CVE-2024-30176 was published May 1, 2024
Video frames could have been leaked between origins in some situations. This vulnerability... High Unreviewed
CVE-2024-10463 was published Oct 29, 2024
Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote... Moderate Unreviewed
CVE-2022-4025 was published Jan 3, 2023
A privacy issue was addressed by moving sensitive data to a more secure location. This issue is... Moderate Unreviewed
CVE-2024-27839 was published May 14, 2024
This issue was addressed by restricting options offered on a locked device. This issue is fixed... Low Unreviewed
CVE-2022-46724 was published Aug 15, 2023
cocagne pysrp vulnerable to side channel leaks High
CVE-2021-4286 was published for srp (pip) Dec 27, 2022
Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent... Moderate Unreviewed
CVE-2024-50383 was published Oct 23, 2024
Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent... Moderate Unreviewed
CVE-2024-50382 was published Oct 23, 2024
Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera (Firmware... Moderate Unreviewed
CVE-2024-48644 was published Oct 23, 2024
In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of... Moderate Unreviewed
CVE-2024-47678 was published Oct 21, 2024
PyCryptodome and pycryptodomex side-channel leakage for OAEP decryption High
CVE-2023-52323 was published for pycryptodome (pip) Jan 5, 2024
In Rhonabwy through 1.1.13, HMAC signature verification uses a strcmp function that is vulnerable... Critical Unreviewed
CVE-2024-25714 was published Feb 11, 2024
A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of... Moderate Unreviewed
CVE-2024-0564 was published Jan 30, 2024
Windows Cryptographic Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-43546 was published Oct 8, 2024
The goTenna Pro ATAK Plugin has a payload length vulnerability that makes it possible to tell... Moderate Unreviewed
CVE-2024-41715 was published Sep 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database