GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
98 advisories
Dragonfly vulnerable to timing attacks against Proxy’s basic authentication
Moderate
CVE-2025-59350
was published
for
d7y.io/dragonfly/v2
(Go)
Sep 17, 2025
Timing Attack Vulnerability in SCRAM Authentication
Moderate
CVE-2025-59432
was published
for
com.ongres.scram:scram-common
(Maven)
Sep 16, 2025
httpsig-rs: HMAC verification is vulnerable to timing attack
Moderate
CVE-2025-59058
was published
for
httpsig
(Rust)
Sep 12, 2025
Minerva timing attack on P-256 in python-ecdsa
High
CVE-2024-23342
was published
for
ecdsa
(pip)
Jan 22, 2024
Potential Timing Side-Channel Vulnerability in vLLM’s Chunk-Based Prefix Caching
Low
CVE-2025-46570
was published
for
vllm
(pip)
May 28, 2025
SignXML's signature verification with HMAC is vulnerable to a timing attack
Moderate
CVE-2025-48995
was published
for
signxml
(pip)
Jun 5, 2025
Security Update for the OPC UA .NET Standard Stack
Moderate
CVE-2024-42512
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Mar 3, 2025
Post-Quantum Secure Feldman's Verifiable Secret Sharing has Timing Side-Channels in Matrix Operations
Moderate
CVE-2025-29780
was published
for
PostQuantum-Feldman-VSS
(pip)
Mar 14, 2025
Possible Information Leak / Session Hijack Vulnerability in Rack
Moderate
CVE-2019-16782
was published
for
rack
(RubyGems)
Dec 18, 2019
ProTip!
Advisories are also available from the
GraphQL API