GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
84 advisories
Post-Quantum Secure Feldman's Verifiable Secret Sharing has Timing Side-Channels in Matrix Operations
Moderate
CVE-2025-29780
was published
for
PostQuantum-Feldman-VSS
(pip)
Mar 14, 2025
Security Update for the OPC UA .NET Standard Stack
Moderate
CVE-2024-42512
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Mar 3, 2025
Gradio performs a non-constant-time comparison when comparing hashes
Moderate
CVE-2024-47869
was published
for
gradio
(pip)
Oct 10, 2024
basic-auth-connect's callback uses time unsafe string comparison
High
CVE-2024-47178
was published
for
basic-auth-connect
(npm)
Sep 30, 2024
Timing-Based Username Enumeration Vulnerability in Fides Webserver Authentication
Low
CVE-2024-45052
was published
for
ethyca-fides
(pip)
Sep 4, 2024
open-telemetry has an Observable Timing Discrepancy
Moderate
CVE-2024-42368
was published
for
github.com/open-telemetry/opentelemetry-collector-contrib/extension/bearertokenauthextension
(Go)
Aug 13, 2024
ProTip!
Advisories are also available from the
GraphQL API