Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

498 advisories

Loading
Tornado XSRF cookie allows side-channel attack against TLS (BREACH attack) High
CVE-2014-9720 was published for tornado (pip) May 17, 2022
phpMyAdmin Unsafe comparison of XSRF/CSRF token High
CVE-2016-2041 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
Teclib GLPI before 9.4.1.1 is affected by a timing attack associated with a cookie. High Unreviewed
CVE-2019-10233 was published May 13, 2022
Observable Discrepancy in BouncyCastle Moderate
CVE-2017-13098 was published for org.bouncycastle:bcprov-jdk15on (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API