Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

188 advisories

Loading
An issue in Olive VLE allows an attacker to obtain sensitive information via the reset password... Critical Unreviewed
CVE-2024-48428 was published Oct 25, 2024
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is... High Unreviewed
CVE-2024-9302 was published Oct 25, 2024
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation... High Unreviewed
CVE-2024-9305 was published Oct 16, 2024
A vulnerability classified as problematic was found in QileCMS up to 1.1.3. This vulnerability... Moderate Unreviewed
CVE-2024-9907 was published Oct 13, 2024
A host header injection vulnerability in MEANStore 1.0 allows attackers to obtain the password... High Unreviewed
CVE-2024-45980 was published Sep 26, 2024
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an... Critical Unreviewed
CVE-2024-8878 was published Sep 25, 2024
A vulnerability classified as critical was found in TDuckCloud TDuckPro up to 6.3. Affected by... Moderate Unreviewed
CVE-2024-8692 was published Sep 11, 2024
A host header injection vulnerability in Staff Appraisal System v1.0 allows attackers to obtain... High Unreviewed
CVE-2024-42915 was published Aug 23, 2024
HaloITSM versions up to 2.146.1 are affected by a Password Reset Poisoning vulnerability.... High Unreviewed
CVE-2024-6203 was published Aug 6, 2024
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the... Critical Unreviewed
CVE-2024-38468 was published Jun 16, 2024
Keycloak Denial of Service via account lockout Low
CVE-2024-1722 was published for org.keycloak:keycloak-services (Maven) Jun 12, 2024
Chetven
The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak... High Unreviewed
CVE-2023-7264 was published Jun 11, 2024
In lunary-ai/lunary version 1.2.4, a vulnerability exists in the password recovery mechanism... Moderate Unreviewed
CVE-2024-5277 was published Jun 6, 2024
An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak... Critical Unreviewed
CVE-2024-5404 was published Jun 3, 2024
TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability. This vulnerability... High Unreviewed
CVE-2023-35717 was published May 3, 2024
In Jitsi Meet before 9391, a logic flaw in password-protected Jitsi meetings (that make use of a... High Unreviewed
CVE-2024-33530 was published May 2, 2024
Self-Registration and Modify your own profile in User Admin Application of NetWeaver AS Java does... High Unreviewed
CVE-2024-27899 was published Apr 9, 2024
This vulnerability allows remote attackers to reset the password of anonymous users without... Critical Unreviewed
CVE-2024-2862 was published Mar 25, 2024
Weak password recovery mechanism in CDeX application allows to retrieve password reset token.This... High Unreviewed
CVE-2024-2463 was published Mar 21, 2024
Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery... High Unreviewed
CVE-2024-24903 was published Mar 1, 2024
Liferay Portal and Liferay DXP Does Not Obfuscate Password Reminder Answers Moderate
CVE-2021-29038 was published for com.liferay.commerce:com.liferay.commerce.account.web (Maven) Feb 21, 2024
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password... High Unreviewed
CVE-2024-22454 was published Feb 13, 2024
A vulnerability classified as problematic has been found in Huaxia ERP up to 3.1. Affected is an... Moderate Unreviewed
CVE-2024-0491 was published Jan 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16... Critical Unreviewed
CVE-2023-7028 was published Jan 12, 2024
A vulnerability classified as critical was found in ForU CMS up to 2020-06-23. This vulnerability... Moderate Unreviewed
CVE-2024-0425 was published Jan 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database