Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

498 advisories

Loading
phpMyAdmin Unsafe comparison of XSRF/CSRF token High
CVE-2016-2041 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
Pagekit User enumeration Moderate
CVE-2019-16669 was published for pagekit/pagekit (Composer) May 24, 2022
PHPECC vulnerable to multiple cryptographic side-channel attacks Critical
GHSA-346h-749j-r28w was published for mdanter/ecc (Composer) Apr 25, 2024
s2n-tls has a potentially observable differences in RSA premaster secret handling Low
GHSA-52xf-5p2m-9wrv was published for s2n-tls (Rust) Jun 6, 2024
curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub` Moderate
GHSA-x4gp-pqpj-f43q was published for curve25519-dalek (Rust) Jun 18, 2024
Apache Pulsar SASL Authentication Provider observable timing discrepancy vulnerability High
CVE-2023-51437 was published for org.apache.pulsar:pulsar-broker-auth-sasl (Maven) Feb 7, 2024
ProTip! Advisories are also available from the GraphQL API