GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,395
Composer 4,950
Erlang 39
GitHub Actions 38
Go 2,603
Maven 6,053
npm 4,250
NuGet 755
pip 4,013
Pub 12
RubyGems 953
Rust 1,048
Swift 45

Unreviewed advisories

All unreviewed 274,948

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

31 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Mbed TLS through 3.6.4 has an Observable Timing Discrepancy. Moderate Unreviewed

CVE-2025-59438 was published Oct 21, 2025

Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct... Moderate Unreviewed

CVE-2025-54764 was published Oct 21, 2025

mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack... High Unreviewed

CVE-2024-7010 was published Oct 29, 2024

Execution time for an unsuccessful login differs when using a non-existing username compared to... Low Unreviewed

CVE-2024-36469 was published Apr 2, 2025

Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all... Moderate Unreviewed

CVE-2025-7383 was published Aug 29, 2025

Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions... Moderate Unreviewed

CVE-2025-7071 was published Aug 29, 2025

Observable timing discrepancy in firmware for some Intel(R) CSME and Intel(R) SPS may allow a... Moderate Unreviewed

CVE-2025-20067 was published Aug 12, 2025

A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... High Unreviewed

CVE-2021-42016 was published Mar 9, 2022

String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow... High Unreviewed

CVE-2024-13939 was published Mar 28, 2025

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may... Moderate Unreviewed

CVE-2024-2236 was published Mar 7, 2024

An issue was discovered in OpenSlides before 4.2.5. During login at the /system/auth/login/... Moderate Unreviewed

CVE-2025-30344 was published Mar 21, 2025

IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow a remote attacker to... Moderate Unreviewed

CVE-2024-22340 was published Mar 11, 2025

An issue was discovered in the Winbox service of MikroTik RouterOS v6.43 through v7.16.1. A... Moderate Unreviewed

CVE-2024-54772 was published Feb 12, 2025

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite,... Moderate Unreviewed

CVE-2020-35165 was published May 22, 2024

GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp... Moderate Unreviewed

CVE-2024-56738 was published Dec 29, 2024

IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to... Moderate Unreviewed

CVE-2024-41741 was published Nov 1, 2024

Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1... High Unreviewed

CVE-2024-31074 was published Nov 13, 2024

The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against... Moderate Unreviewed

CVE-2024-1543 was published Aug 30, 2024

An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. The AES implementation is... Critical Unreviewed

CVE-2024-45191 was published Aug 22, 2024

Windows Kerberos Elevation of Privilege Vulnerability High Unreviewed

CVE-2024-29995 was published Aug 13, 2024

The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.... Critical Unreviewed

CVE-2023-41313 was published Mar 12, 2024

In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time Low Unreviewed

CVE-2024-41828 was published Jul 22, 2024

The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM,... Moderate Unreviewed

CVE-2022-25332 was published Oct 19, 2023

Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy... Moderate Unreviewed

CVE-2021-21575 was published Feb 2, 2024

A security vulnerability has been identified in the cryptlib cryptographic library when cryptlib... Moderate Unreviewed

CVE-2024-0202 was published Feb 5, 2024

Previous12 Next

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

31 advisories