GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
148 advisories
An insufficient entropy vulnerability exists in the userRecoverPass.php recoverPass generation...
High | Unreviewed | CVE-2023-49589 was published Jan 10, 2024

A vulnerability classified as critical was found in ForU CMS up to 2020-06-23. This vulnerability...
Moderate | Unreviewed | CVE-2024-0425 was published Jan 11, 2024

WWBN AVideo recovery notification bypass vulnerability
Moderate | CVE-2023-50172 was published for wwbn/avideo (Composer) Jan 10, 2024

A vulnerability classified as problematic has been found in Huaxia ERP up to 3.1. Affected is an...
Moderate | Unreviewed | CVE-2024-0491 was published Jan 13, 2024

Craft CMS possibility of brute force attempts
Critical | CVE-2019-15929 was published for craftcms/cms (Composer) May 24, 2022

Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password...
High | Unreviewed | CVE-2024-22454 was published Feb 13, 2024

Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten Password
Low | CVE-2015-3189 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022

Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten Password
Critical | CVE-2015-5172 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022

Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery...
High | Unreviewed | CVE-2024-24903 was published Mar 1, 2024

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16...
Critical | Unreviewed | CVE-2023-7028 was published Jan 12, 2024

ZPanel 10.0.1 has insufficient entropy for its password reset process.
Critical | Unreviewed | CVE-2012-5686 was published Apr 23, 2022

An issue was discovered in /admin/users/update in M/Monit before 3.7.3. It allows unprivileged...
Critical | Unreviewed | CVE-2019-11393 was published May 24, 2022

An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is...
High | Unreviewed | CVE-2019-11414 was published May 24, 2022

An issue was discovered in Open XDMoD through 7.5.0. An authentication bypass (account takeover)...
Critical | Unreviewed | CVE-2018-16988 was published May 24, 2022

An issue was discovered in GLPI before 9.4.1. After a successful password reset by a user, it is...
Moderate | Unreviewed | CVE-2019-13240 was published May 24, 2022

TTLock devices do not properly restrict password-reset attempts, leading to incorrect access...
High | Unreviewed | CVE-2019-12943 was published May 24, 2022

In JetBrains Hub versions earlier than 2018.4.11436, there was no option to force a user to...
Moderate | Unreviewed | CVE-2019-14955 was published May 24, 2022

SITOS six Build v6.2.1 allows a user to change their password and recovery email address without...
Moderate | Unreviewed | CVE-2019-15749 was published May 24, 2022

The default setting of MISP 2.4.136 did not enable the requirements (aka...
Critical | Unreviewed | CVE-2021-25323 was published May 24, 2022

An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email...
Moderate | Unreviewed | CVE-2021-36436 was published Apr 20, 2023

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6...
High | Unreviewed | CVE-2023-31459 was published May 24, 2023

D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates...
High | Unreviewed | CVE-2023-26615 was published Jun 28, 2023

Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding...
Moderate | Unreviewed | CVE-2023-35134 was published Jul 20, 2023

Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in...
High | Unreviewed | CVE-2023-3222 was published Sep 4, 2023

Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The...
High | Unreviewed | CVE-2023-34357 was published Sep 7, 2023
ProTip! Advisories are also available from the GraphQL API.