GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,110
Erlang
29
GitHub Actions
19
Go
1,931
Maven
5,000+
npm
3,666
NuGet
642
pip
3,273
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+
57 advisories
Filter by severity
User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this...
Moderate
Unreviewed
CVE-2023-4095
was published
Sep 19, 2023
User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could...
Moderate
Unreviewed
CVE-2023-3221
was published
Sep 4, 2023
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-37217
was published
Jul 30, 2023
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify...
Moderate
Unreviewed
CVE-2023-35698
was published
Jul 10, 2023
Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows...
Moderate
Unreviewed
CVE-2023-32346
was published
Jul 6, 2023
Under certain circumstances a C•CURE Portal user could enumerate user accounts in C•CURE 9000...
Moderate
Unreviewed
CVE-2021-36201
was published
Jul 6, 2023
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability....
Moderate
Unreviewed
CVE-2023-3336
was published
Jul 5, 2023
When supplied with a random MAC address, Snap One OvrC cloud servers will return...
Moderate
Unreviewed
CVE-2023-28412
was published
May 22, 2023
Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215,...
Moderate
Unreviewed
CVE-2023-23449
was published
May 15, 2023
CasaOS Username Enumeration - Bypass of CVE-2024-24766
Moderate
CVE-2024-28232
was published
for
github.com/IceWhaleTech/CasaOS-UserService
(Go)
Apr 1, 2024
User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier....
Moderate
Unreviewed
CVE-2024-1145
was published
Mar 19, 2024
A vulnerability has been found in Surya2Developer Hostel Management Service 1.0 and classified as...
Low
Unreviewed
CVE-2024-2482
was published
Mar 15, 2024
CasaOS Username Enumeration
Moderate
CVE-2024-24766
was published
for
github.com/IceWhaleTech/CasaOS-UserService
(Go)
Mar 6, 2024
IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to...
Moderate
Unreviewed
CVE-2023-38362
was published
Mar 4, 2024
IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable...
Moderate
Unreviewed
CVE-2023-50306
was published
Feb 20, 2024
Liferay Portal allows attackers to discover the existence of sites
Moderate
CVE-2024-25146
was published
for
com.liferay.portal:release.dxp.bom
(Maven)
Feb 8, 2024
Information Disclosure in Password Reset
Low
CVE-2020-11063
was published
for
typo3/cms
(Composer)
May 13, 2020
An observable response discrepancy in the Gallagher Command Centre RESTAPI allows an...
Moderate
Unreviewed
CVE-2023-23584
was published
Dec 19, 2023
A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate...
Moderate
Unreviewed
CVE-2022-0564
was published
Feb 22, 2022
Piccolo's current `BaseUser.login` implementation is vulnerable to time based user enumeration
Moderate
CVE-2023-41885
was published
for
piccolo
(pip)
Sep 12, 2023
Sulu Observable Response Discrepancy on Admin Login
Moderate
CVE-2023-39343
was published
for
sulu/sulu
(Composer)
Aug 3, 2023
Kirby CMS vulnerable to user enumeration in the brute force protection
Moderate
CVE-2022-39315
was published
for
getkirby/cms
(Composer)
Oct 18, 2022
A vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions...
Moderate
Unreviewed
CVE-2023-27464
was published
Apr 11, 2023
Answer has Observable Response Discrepancy
Moderate
CVE-2023-1540
was published
for
github.com/answerdev/answer
(Go)
Mar 21, 2023
vantage6 vulnerable to Observable Response Discrepancy
Moderate
CVE-2022-39228
was published
for
vantage6
(pip)
Feb 28, 2023
ProTip!
Advisories are also available from the
GraphQL API