Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,049
Maven
5,000+
npm
4,787
NuGet
825
pip
4,384
Pub
12
RubyGems
988
Rust
1,144
Swift
50
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
Python Cryptography package vulnerable to Bleichenbacher timing oracle attack High
CVE-2023-50782 was published for cryptography (pip) Feb 5, 2024
Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked... High Unreviewed
CVE-2023-46809 was published Sep 7, 2024
vLLM is vulnerable to timing attack at bearer auth High
CVE-2025-59425 was published for vllm (pip) Oct 7, 2025
NiuBlibing Credited to NiuBlibing and russellb russellb russellb
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT... High Unreviewed
CVE-2017-2624 was published May 13, 2022
Minerva timing attack on P-256 in python-ecdsa High
CVE-2024-23342 was published for ecdsa (pip) Jan 22, 2024
tomato42 Credited to tomato42 and levpachmanov levpachmanov levpachmanov
A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This... High Unreviewed
CVE-2025-0306 was published Jan 9, 2025
RSA decryption vulnerable to Bleichenbacher timing vulnerability High
CVE-2020-25659 was published for cryptography (pip) Oct 27, 2020
tomato42 Credited to tomato42
Timing attacks in python-rsa High
CVE-2020-25658 was published for rsa (pip) Apr 30, 2021
An issue was discovered in Matrix libolm (aka Olm) through 3.2.16. Cache-timing attacks can occur... High Unreviewed
CVE-2024-45192 was published Aug 22, 2024
Observable Timing Discrepancy in pypqc High
GHSA-hvh4-5qr6-3v7r was published for pypqc (pip) Jun 5, 2024
James-E-A Credited to James-E-A
Covert Timing Channel in Apache CXF High
CVE-2017-3156 was published for org.apache.cxf.karaf:apache-cxf (Maven) May 13, 2022
sunSUNQ Credited to sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database