GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,218
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
37 advisories
Filter by severity
A vulnerability in the web-based management interface of Cisco ECE could allow an...
Moderate
Unreviewed
CVE-2022-20633
was published
Nov 15, 2024
Observable Response Discrepancy vulnerability in HumHub GmbH & Co. KG - HumHub on Linux allows:...
Moderate
Unreviewed
CVE-2024-52043
was published
Nov 6, 2024
The goTenna Pro has a payload length vulnerability that makes it possible to tell the length of...
Moderate
Unreviewed
CVE-2024-47129
was published
Sep 26, 2024
The goTenna Pro ATAK Plugin has a payload length vulnerability that
makes it possible to tell...
Moderate
Unreviewed
CVE-2024-41715
was published
Sep 26, 2024
A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that...
Moderate
Unreviewed
CVE-2024-8651
was published
Sep 19, 2024
User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine...
Moderate
Unreviewed
CVE-2024-34336
was published
Sep 12, 2024
A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.14.0 only if the...
Moderate
Unreviewed
CVE-2023-49069
was published
Sep 10, 2024
Loway - CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2024-42343
was published
Sep 8, 2024
Matrix Tafnit v8
-
CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2024-38431
was published
Jul 30, 2024
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login...
Moderate
Unreviewed
CVE-2023-33859
was published
Jul 10, 2024
Kaiten 57.128.8 allows remote attackers to enumerate user accounts via a crafted POST request,...
Moderate
Unreviewed
CVE-2024-39211
was published
Jul 4, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
Moderate
Unreviewed
CVE-2024-36996
was published
Jul 1, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error...
Moderate
Unreviewed
CVE-2024-38322
was published
Jun 29, 2024
An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of...
Moderate
Unreviewed
CVE-2024-33856
was published
May 7, 2024
IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to...
Moderate
Unreviewed
CVE-2023-27283
was published
May 4, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames...
Moderate
Unreviewed
CVE-2021-20556
was published
May 3, 2024
User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier....
Moderate
Unreviewed
CVE-2024-1145
was published
Mar 19, 2024
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an...
Moderate
Unreviewed
CVE-2023-46170
was published
Mar 7, 2024
IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to...
Moderate
Unreviewed
CVE-2023-38362
was published
Mar 4, 2024
IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable...
Moderate
Unreviewed
CVE-2023-50306
was published
Feb 20, 2024
An observable response discrepancy in the Gallagher Command Centre RESTAPI allows an...
Moderate
Unreviewed
CVE-2023-23584
was published
Dec 19, 2023
An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user...
Moderate
Unreviewed
CVE-2023-37831
was published
Oct 31, 2023
User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this...
Moderate
Unreviewed
CVE-2023-4095
was published
Sep 19, 2023
User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could...
Moderate
Unreviewed
CVE-2023-3221
was published
Sep 4, 2023
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-37217
was published
Jul 30, 2023
ProTip!
Advisories are also available from the
GraphQL API