GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,494

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

53 advisories

Filter by severity

Sort by

Least recently updated

TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability.... Moderate Unreviewed

CVE-2023-3336 was published Jul 5, 2023

Under certain circumstances a C•CURE Portal user could enumerate user accounts in C•CURE 9000... Moderate Unreviewed

CVE-2021-36201 was published Jul 6, 2023

Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows... Moderate Unreviewed

CVE-2023-32346 was published Jul 6, 2023

Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify... Moderate Unreviewed

CVE-2023-35698 was published Jul 10, 2023

Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy Moderate Unreviewed

CVE-2023-37217 was published Jul 30, 2023

User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could... Moderate Unreviewed

CVE-2023-3221 was published Sep 4, 2023

User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this... Moderate Unreviewed

CVE-2023-4095 was published Sep 19, 2023

Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy Moderate Unreviewed

CVE-2023-31186 was published May 30, 2023

Umbraco possible user enumeration Low

CVE-2024-28868 was published for UmbracoCMS (NuGet) Mar 20, 2024

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames... Moderate Unreviewed

CVE-2021-20556 was published May 3, 2024

IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to... Moderate Unreviewed

CVE-2023-27283 was published May 4, 2024

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as... Low Unreviewed

CVE-2024-6056 was published Jun 17, 2024

An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of... Moderate Unreviewed

CVE-2024-33856 was published May 7, 2024

IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login... Moderate Unreviewed

CVE-2023-33859 was published Jul 10, 2024

IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user... Low Unreviewed

CVE-2024-31870 was published Jun 15, 2024

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... Moderate Unreviewed

CVE-2024-36996 was published Jul 1, 2024

The FIDO2/Webauthn Support for PHP library allows enumeration of valid usernames Moderate

CVE-2024-39912 was published for web-auth/webauthn-framework (Composer) Jul 15, 2024

OpaMiddleware does not filter HTTP OPTIONS requests Moderate

CVE-2024-40627 was published for fastapi-opa (pip) Jul 15, 2024

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error... Moderate Unreviewed

CVE-2024-38322 was published Jun 29, 2024

Kaiten 57.128.8 allows remote attackers to enumerate user accounts via a crafted POST request,... Moderate Unreviewed

CVE-2024-39211 was published Jul 4, 2024

Matrix Tafnit v8 - CWE-204: Observable Response Discrepancy Moderate Unreviewed

CVE-2024-38431 was published Jul 30, 2024

A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.14.0 only if the... Moderate Unreviewed

CVE-2023-49069 was published Sep 10, 2024

Loway - CWE-204: Observable Response Discrepancy Moderate Unreviewed

CVE-2024-42343 was published Sep 8, 2024

An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user... Moderate Unreviewed

CVE-2023-37831 was published Oct 31, 2023

User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine... Moderate Unreviewed

CVE-2024-34336 was published Sep 12, 2024

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

53 advisories