Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

56 advisories

Loading
OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows an unauthenticated, remote... Moderate Unreviewed
CVE-2025-54834 was published Jul 31, 2025
For failed login attempts, the application returns different error messages depending on whether... Moderate Unreviewed
CVE-2025-27451 was published Jul 3, 2025
For failed login attempts, the application returns different error messages depending on whether... Moderate Unreviewed
CVE-2025-49187 was published Jun 12, 2025
IBM Security Verify Access Appliance and Docker 10.0 through 10.0.8 could allow a remote attacker... Moderate Unreviewed
CVE-2025-0163 was published Jun 11, 2025
Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX... Moderate Unreviewed
CVE-2025-3939 was published May 22, 2025
A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All... Moderate Unreviewed
CVE-2024-51447 was published May 13, 2025
A vulnerability in the login functionality of the web application of ctrlX OS allows a remote... Moderate Unreviewed
CVE-2025-24342 was published Apr 30, 2025
A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate... Moderate Unreviewed
CVE-2022-0564 was published Feb 22, 2022
A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.21.0), Mendix... Moderate Unreviewed
CVE-2025-30280 was published Apr 8, 2025
IBM TXSeries for Multiplatforms 9.1 and 11.1 could allow an attacker to enumerate usernames due... Moderate Unreviewed
CVE-2024-56476 was published Apr 2, 2025
User enumeration in the password reset module of the MeetMe authentication service in versions... Moderate Unreviewed
CVE-2025-2910 was published Mar 28, 2025
User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1... Moderate Unreviewed
CVE-2024-55198 was published Mar 13, 2025
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an... Moderate Unreviewed
CVE-2023-47159 was published Jan 27, 2025
IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an... Moderate Unreviewed
CVE-2023-37413 was published Jan 29, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to enumerate usernames due... Moderate Unreviewed
CVE-2024-35114 was published Jan 25, 2025
IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable... Moderate Unreviewed
CVE-2023-50306 was published Feb 20, 2024
A CWE-204 "Observable Response Discrepancy" in the login page in Q-Free MaxTime less than or... Moderate Unreviewed
CVE-2025-1101 was published Feb 12, 2025
SAP NetWeaver Server ABAP allows an unauthenticated attacker to exploit a vulnerability that... Moderate Unreviewed
CVE-2025-23193 was published Feb 11, 2025
An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through... Moderate Unreviewed
CVE-2024-36510 was published Jan 14, 2025
Variable response times in the AWS Sign-in IAM user login flow allowed for the use of brute force... Moderate Unreviewed
CVE-2025-0693 was published Jan 24, 2025
IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to... Moderate Unreviewed
CVE-2023-27283 was published May 4, 2024
IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to... Moderate Unreviewed
CVE-2023-38362 was published Mar 4, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames... Moderate Unreviewed
CVE-2021-20556 was published May 3, 2024
A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as... Moderate Unreviewed
CVE-2024-6056 was published Jun 17, 2024
A vulnerability in the web-based management interface of Cisco&nbsp;ECE could allow an... Moderate Unreviewed
CVE-2022-20633 was published Nov 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database