GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
37 advisories
Filter by severity
A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate...
Moderate
Unreviewed
CVE-2022-0564
was published
Feb 22, 2022
A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1,...
Moderate
Unreviewed
CVE-2022-31248
was published
Jun 23, 2022
All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to...
Moderate
Unreviewed
CVE-2022-1989
was published
Aug 24, 2022
A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9...
Moderate
Unreviewed
CVE-2022-41697
was published
Dec 22, 2022
A vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions...
Moderate
Unreviewed
CVE-2023-27464
was published
Apr 11, 2023
Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215,...
Moderate
Unreviewed
CVE-2023-23449
was published
May 15, 2023
When supplied with a random MAC address, Snap One OvrC cloud servers will return...
Moderate
Unreviewed
CVE-2023-28412
was published
May 22, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-31186
was published
May 30, 2023
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability....
Moderate
Unreviewed
CVE-2023-3336
was published
Jul 5, 2023
Under certain circumstances a C•CURE Portal user could enumerate user accounts in C•CURE 9000...
Moderate
Unreviewed
CVE-2021-36201
was published
Jul 6, 2023
Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows...
Moderate
Unreviewed
CVE-2023-32346
was published
Jul 6, 2023
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify...
Moderate
Unreviewed
CVE-2023-35698
was published
Jul 10, 2023
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-37217
was published
Jul 30, 2023
User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could...
Moderate
Unreviewed
CVE-2023-3221
was published
Sep 4, 2023
User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this...
Moderate
Unreviewed
CVE-2023-4095
was published
Sep 19, 2023
An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user...
Moderate
Unreviewed
CVE-2023-37831
was published
Oct 31, 2023
An observable response discrepancy in the Gallagher Command Centre RESTAPI allows an...
Moderate
Unreviewed
CVE-2023-23584
was published
Dec 19, 2023
IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable...
Moderate
Unreviewed
CVE-2023-50306
was published
Feb 20, 2024
IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to...
Moderate
Unreviewed
CVE-2023-38362
was published
Mar 4, 2024
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an...
Moderate
Unreviewed
CVE-2023-46170
was published
Mar 7, 2024
User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier....
Moderate
Unreviewed
CVE-2024-1145
was published
Mar 19, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames...
Moderate
Unreviewed
CVE-2021-20556
was published
May 3, 2024
IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to...
Moderate
Unreviewed
CVE-2023-27283
was published
May 4, 2024
An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of...
Moderate
Unreviewed
CVE-2024-33856
was published
May 7, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error...
Moderate
Unreviewed
CVE-2024-38322
was published
Jun 29, 2024
ProTip!
Advisories are also available from the
GraphQL API