Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
656
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

36 advisories

Loading
Observable Response Discrepancy vulnerability in HumHub GmbH & Co. KG - HumHub on Linux allows:... Moderate Unreviewed
CVE-2024-52043 was published Nov 6, 2024
The goTenna Pro has a payload length vulnerability that makes it possible to tell the length of... Moderate Unreviewed
CVE-2024-47129 was published Sep 26, 2024
The goTenna Pro ATAK Plugin has a payload length vulnerability that makes it possible to tell... Moderate Unreviewed
CVE-2024-41715 was published Sep 26, 2024
A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that... Moderate Unreviewed
CVE-2024-8651 was published Sep 19, 2024
User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine... Moderate Unreviewed
CVE-2024-34336 was published Sep 12, 2024
A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.14.0 only if the... Moderate Unreviewed
CVE-2023-49069 was published Sep 10, 2024
Loway - CWE-204: Observable Response Discrepancy Moderate Unreviewed
CVE-2024-42343 was published Sep 8, 2024
Matrix Tafnit v8 - CWE-204: Observable Response Discrepancy Moderate Unreviewed
CVE-2024-38431 was published Jul 30, 2024
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login... Moderate Unreviewed
CVE-2023-33859 was published Jul 10, 2024
Kaiten 57.128.8 allows remote attackers to enumerate user accounts via a crafted POST request,... Moderate Unreviewed
CVE-2024-39211 was published Jul 4, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2024-36996 was published Jul 1, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error... Moderate Unreviewed
CVE-2024-38322 was published Jun 29, 2024
An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of... Moderate Unreviewed
CVE-2024-33856 was published May 7, 2024
IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to... Moderate Unreviewed
CVE-2023-27283 was published May 4, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames... Moderate Unreviewed
CVE-2021-20556 was published May 3, 2024
User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier.... Moderate Unreviewed
CVE-2024-1145 was published Mar 19, 2024
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an... Moderate Unreviewed
CVE-2023-46170 was published Mar 7, 2024
IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to... Moderate Unreviewed
CVE-2023-38362 was published Mar 4, 2024
IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable... Moderate Unreviewed
CVE-2023-50306 was published Feb 20, 2024
An observable response discrepancy in the Gallagher Command Centre RESTAPI allows an... Moderate Unreviewed
CVE-2023-23584 was published Dec 19, 2023
An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user... Moderate Unreviewed
CVE-2023-37831 was published Oct 31, 2023
User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this... Moderate Unreviewed
CVE-2023-4095 was published Sep 19, 2023
User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could... Moderate Unreviewed
CVE-2023-3221 was published Sep 4, 2023
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy Moderate Unreviewed
CVE-2023-37217 was published Jul 30, 2023
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify... Moderate Unreviewed
CVE-2023-35698 was published Jul 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database