Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

613 advisories

Loading
User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could... Moderate Unreviewed
CVE-2023-3221 was published Sep 4, 2023
Username enumeration attack in goauthentik Moderate
CVE-2023-39522 was published for @goauthentik/api (npm) Aug 29, 2023
markrassamni
User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password... Critical Unreviewed
CVE-2023-40756 was published Aug 28, 2023
IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a... High Unreviewed
CVE-2023-33850 was published Aug 22, 2023
The Change WP Admin Login WordPress plugin before 1.1.4 discloses the URL of the hidden login... High Unreviewed
CVE-2023-3604 was published Aug 21, 2023
Jenkins Tuleap Authentication Plugin non-constant time token comparison Low
CVE-2023-40343 was published for io.jenkins.plugins:tuleap-oauth (Maven) Aug 16, 2023
This issue was addressed by restricting options offered on a locked device. This issue is fixed... Low Unreviewed
CVE-2022-46724 was published Aug 15, 2023
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the... Moderate Unreviewed
CVE-2023-20569 was published Aug 8, 2023
A potential power side-channel vulnerability in AMD processors may allow an authenticated... Moderate Unreviewed
CVE-2023-20583 was published Aug 1, 2023
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration Moderate
CVE-2023-3462 was published for github.com/hashicorp/vault (Go) Aug 1, 2023
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy Moderate Unreviewed
CVE-2023-37217 was published Jul 30, 2023
User enumeration in On-premise SureMDM Solution on Windows deployment allows attacker to... Moderate Unreviewed
CVE-2023-3897 was published Jul 25, 2023
A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping... High Unreviewed
CVE-2023-3640 was published Jul 24, 2023
TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem... High Unreviewed
CVE-2023-34669 was published Jul 17, 2023
A potential power side-channel vulnerability in some AMD processors may allow an authenticated... Moderate Unreviewed
CVE-2023-20575 was published Jul 11, 2023
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify... Moderate Unreviewed
CVE-2023-35698 was published Jul 10, 2023
A vulnerability classified as problematic has been found in Rotem Dynamics Rotem CRM up to... Moderate Unreviewed
CVE-2023-3529 was published Jul 6, 2023
The HCL Domino AppDev Pack IAM service is susceptible to a User Account Enumeration vulnerability... Moderate Unreviewed
CVE-2023-28015 was published Jul 6, 2023
The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in... High Unreviewed
CVE-2023-28770 was published Jul 6, 2023
Under certain circumstances a C•CURE Portal user could enumerate user accounts in C•CURE 9000... Moderate Unreviewed
CVE-2021-36201 was published Jul 6, 2023
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability.... Moderate Unreviewed
CVE-2023-3336 was published Jul 5, 2023
The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a... Moderate Unreviewed
CVE-2023-3139 was published Jul 4, 2023
An issue was discovered in the ProofreadPage (aka Proofread Page) extension for MediaWiki through... Moderate Unreviewed
CVE-2023-37305 was published Jun 30, 2023
User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames. Moderate Unreviewed
CVE-2023-22359 was published Jun 26, 2023
This issue was addressed with improved data protection. This issue is fixed in iOS 16.1 and... Moderate Unreviewed
CVE-2022-42792 was published Jun 23, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database