GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
28 advisories
Filter by severity
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
Moderate
Unreviewed
CVE-2024-36996
was published
Jul 1, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error...
Moderate
Unreviewed
CVE-2024-38322
was published
Jun 29, 2024
A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as...
Low
Unreviewed
CVE-2024-6056
was published
Jun 17, 2024
IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user...
Low
Unreviewed
CVE-2024-31870
was published
Jun 15, 2024
IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to...
Moderate
Unreviewed
CVE-2023-27283
was published
May 4, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames...
Moderate
Unreviewed
CVE-2021-20556
was published
May 3, 2024
User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier....
Moderate
Unreviewed
CVE-2024-1145
was published
Mar 19, 2024
A vulnerability has been found in Surya2Developer Hostel Management Service 1.0 and classified as...
Low
Unreviewed
CVE-2024-2482
was published
Mar 15, 2024
IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to...
Moderate
Unreviewed
CVE-2023-38362
was published
Mar 4, 2024
IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable...
Moderate
Unreviewed
CVE-2023-50306
was published
Feb 20, 2024
An observable response discrepancy in the Gallagher Command Centre RESTAPI allows an...
Moderate
Unreviewed
CVE-2023-23584
was published
Dec 19, 2023
User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this...
Moderate
Unreviewed
CVE-2023-4095
was published
Sep 19, 2023
User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could...
Moderate
Unreviewed
CVE-2023-3221
was published
Sep 4, 2023
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-37217
was published
Jul 30, 2023
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify...
Moderate
Unreviewed
CVE-2023-35698
was published
Jul 10, 2023
Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows...
Moderate
Unreviewed
CVE-2023-32346
was published
Jul 6, 2023
Under certain circumstances a C•CURE Portal user could enumerate user accounts in C•CURE 9000...
Moderate
Unreviewed
CVE-2021-36201
was published
Jul 6, 2023
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability....
Moderate
Unreviewed
CVE-2023-3336
was published
Jul 5, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-31186
was published
May 30, 2023
When supplied with a random MAC address, Snap One OvrC cloud servers will return...
Moderate
Unreviewed
CVE-2023-28412
was published
May 22, 2023
Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215,...
Moderate
Unreviewed
CVE-2023-23449
was published
May 15, 2023
A vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions...
Moderate
Unreviewed
CVE-2023-27464
was published
Apr 11, 2023
A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9...
Moderate
Unreviewed
CVE-2022-41697
was published
Dec 22, 2022
A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the...
High
Unreviewed
CVE-2022-22520
was published
Sep 15, 2022
All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to...
Moderate
Unreviewed
CVE-2022-1989
was published
Aug 24, 2022
ProTip!
Advisories are also available from the
GraphQL API