GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,097
Erlang: 29
GitHub Actions: 19
Go: 1,925
Maven: 5,000+
npm: 3,656
NuGet: 638
pip: 3,264
Pub: 10
RubyGems: 873
Rust: 823
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
49 advisories
The goTenna Pro has a payload length vulnerability that makes it possible to tell the length of...
Moderate
Unreviewed
CVE-2024-47129
was published
Sep 26, 2024
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an...
Moderate
Unreviewed
CVE-2023-46170
was published
Mar 7, 2024
The goTenna Pro ATAK Plugin has a payload length vulnerability that makes it possible to tell...
Moderate
Unreviewed
CVE-2024-41715
was published
Sep 26, 2024
A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that...
Moderate
Unreviewed
CVE-2024-8651
was published
Sep 19, 2024
Observable Response Discrepancy in Flask-AppBuilder
Moderate
CVE-2022-21659
was published
for
Flask-AppBuilder
(pip)
Feb 1, 2022
Mautic allows users enumeration due to weak password login
Moderate
CVE-2024-47059
was published
for
mautic/core
(Composer)
Sep 18, 2024
User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine...
Moderate
Unreviewed
CVE-2024-34336
was published
Sep 12, 2024
An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user...
Moderate
Unreviewed
CVE-2023-37831
was published
Oct 31, 2023
Loway - CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2024-42343
was published
Sep 8, 2024
A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.14.0 only if the...
Moderate
Unreviewed
CVE-2023-49069
was published
Sep 10, 2024
Matrix Tafnit v8 - CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2024-38431
was published
Jul 30, 2024
Kaiten 57.128.8 allows remote attackers to enumerate user accounts via a crafted POST request,...
Moderate
Unreviewed
CVE-2024-39211
was published
Jul 4, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error...
Moderate
Unreviewed
CVE-2024-38322
was published
Jun 29, 2024
OpaMiddleware does not filter HTTP OPTIONS requests
Moderate
CVE-2024-40627
was published
for
fastapi-opa
(pip)
Jul 15, 2024
The FIDO2/Webauthn Support for PHP library allows enumeration of valid usernames
Moderate
CVE-2024-39912
was published
for
web-auth/webauthn-framework
(Composer)
Jul 15, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
Moderate
Unreviewed
CVE-2024-36996
was published
Jul 1, 2024
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login...
Moderate
Unreviewed
CVE-2023-33859
was published
Jul 10, 2024
An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of...
Moderate
Unreviewed
CVE-2024-33856
was published
May 7, 2024
IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to...
Moderate
Unreviewed
CVE-2023-27283
was published
May 4, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames...
Moderate
Unreviewed
CVE-2021-20556
was published
May 3, 2024
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-31186
was published
May 30, 2023
User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this...
Moderate
Unreviewed
CVE-2023-4095
was published
Sep 19, 2023
User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could...
Moderate
Unreviewed
CVE-2023-3221
was published
Sep 4, 2023
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-37217
was published
Jul 30, 2023
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify...
Moderate
Unreviewed
CVE-2023-35698
was published
Jul 10, 2023