Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

494 advisories

Loading
Minerva timing attack on P-256 in python-ecdsa High
CVE-2024-23342 was published for ecdsa (pip) Jan 22, 2024
tomato42
Marvin Attack of RSA and RSAOAEP decryption in jsrsasign High
CVE-2024-21484 was published for jsrsasign (npm) Jan 19, 2024
tomato42
PyCryptodome and pycryptodomex side-channel leakage for OAEP decryption High
CVE-2023-52323 was published for pycryptodome (pip) Jan 5, 2024
CubeFS timing attack can leak user passwords High
CVE-2023-46739 was published for github.com/cubefs/cubefs (Go) Jan 3, 2024
AdamKorcz
An observable response discrepancy in the Gallagher Command Centre RESTAPI allows an... Moderate Unreviewed
CVE-2023-23584 was published Dec 19, 2023
yii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation Low
CVE-2023-50708 was published for yiisoft/yii2-authclient (Composer) Dec 18, 2023
rhertogh
The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting... Moderate Unreviewed
CVE-2023-4421 was published Dec 12, 2023
Marvin Attack: potential key recovery through timing sidechannels Moderate
CVE-2023-49092 was published for rsa (Rust) Nov 28, 2023
tomato42 lukas-braune
ProTip! Advisories are also available from the GraphQL API