GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,341
Composer 4,362
Erlang 33
GitHub Actions 22
Go 2,131
Maven 5,310
npm 3,796
NuGet 686
pip 3,473
Pub 12
RubyGems 896
Rust 894
Swift 38

Unreviewed advisories

All unreviewed 245,243

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

61 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as... Moderate Unreviewed

CVE-2024-6056 was published Jun 17, 2024

An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of... Moderate Unreviewed

CVE-2024-33856 was published May 7, 2024

IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to... Moderate Unreviewed

CVE-2023-27283 was published May 4, 2024

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames... Moderate Unreviewed

CVE-2021-20556 was published May 3, 2024

CasaOS Username Enumeration - Bypass of CVE-2024-24766 Moderate

CVE-2024-28232 was published for github.com/IceWhaleTech/CasaOS-UserService (Go) Apr 1, 2024

User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier.... Moderate Unreviewed

CVE-2024-1145 was published Mar 19, 2024

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an... Moderate Unreviewed

CVE-2023-46170 was published Mar 7, 2024

CasaOS Username Enumeration Moderate

CVE-2024-24766 was published for github.com/IceWhaleTech/CasaOS-UserService (Go) Mar 6, 2024

IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to... Moderate Unreviewed

CVE-2023-38362 was published Mar 4, 2024

IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable... Moderate Unreviewed

CVE-2023-50306 was published Feb 20, 2024

Liferay Portal allows attackers to discover the existence of sites Moderate

CVE-2024-25146 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 8, 2024

An observable response discrepancy in the Gallagher Command Centre RESTAPI allows an... Moderate Unreviewed

CVE-2023-23584 was published Dec 19, 2023

An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user... Moderate Unreviewed

CVE-2023-37831 was published Oct 31, 2023

User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this... Moderate Unreviewed

CVE-2023-4095 was published Sep 19, 2023

Piccolo's current `BaseUser.login` implementation is vulnerable to time based user enumeration Moderate

CVE-2023-41885 was published for piccolo (pip) Sep 12, 2023

User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could... Moderate Unreviewed

CVE-2023-3221 was published Sep 4, 2023

Sulu Observable Response Discrepancy on Admin Login Moderate

CVE-2023-39343 was published for sulu/sulu (Composer) Aug 3, 2023

Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy Moderate Unreviewed

CVE-2023-37217 was published Jul 30, 2023

Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify... Moderate Unreviewed

CVE-2023-35698 was published Jul 10, 2023

Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows... Moderate Unreviewed

CVE-2023-32346 was published Jul 6, 2023

Under certain circumstances a C•CURE Portal user could enumerate user accounts in C•CURE 9000... Moderate Unreviewed

CVE-2021-36201 was published Jul 6, 2023

TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability.... Moderate Unreviewed

CVE-2023-3336 was published Jul 5, 2023

Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy Moderate Unreviewed

CVE-2023-31186 was published May 30, 2023

When supplied with a random MAC address, Snap One OvrC cloud servers will return... Moderate Unreviewed

CVE-2023-28412 was published May 22, 2023

Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215,... Moderate Unreviewed

CVE-2023-23449 was published May 15, 2023

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

61 advisories