GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,036
Composer 5,478
Erlang 46
GitHub Actions 48
Go 3,370
Maven 6,352
npm 5,410
NuGet 881
pip 4,563
Pub 13
RubyGems 1,013
Rust 1,205
Swift 51

Unreviewed advisories

All unreviewed 295,770

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

88 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

User enumeration in ESET Protect (on-prem) via Response Timing. Moderate Unreviewed

CVE-2025-3716 was published Mar 30, 2026

Raytha CMS is vulnerable to User Enumeration in password reset functionality. Difference in... Moderate Unreviewed

CVE-2025-69243 was published Mar 16, 2026

IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an... Moderate Unreviewed

CVE-2025-13460 was published Mar 16, 2026

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43,... Moderate Unreviewed

CVE-2026-24097 was published Mar 13, 2026

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43,... Moderate Unreviewed

CVE-2026-2859 was published Mar 13, 2026

Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing.... Moderate Unreviewed

CVE-2025-12455 was published Mar 13, 2026

A user enumeration vulnerability exists in FormaLMS 4.1.18 and below in the password recovery... Moderate Unreviewed

CVE-2026-26744 was published Feb 20, 2026

DokuWiki 2018-04-22b contains a username enumeration vulnerability in its password reset... Moderate Unreviewed

CVE-2019-25338 was published Feb 13, 2026

Discord through 2026-01-16 allows gathering information about whether a user's client state is... Moderate Unreviewed

CVE-2026-24332 was published Jan 22, 2026

Pega Platform versions 7.1.0 through Infinity 25.1.0 are affected by a User Enumeration. This... Moderate Unreviewed

CVE-2025-62181 was published Dec 10, 2025

IntelliChoice eFORCE Software Suite 2.5.9 contains a username enumeration vulnerability that... Moderate Unreviewed

CVE-2021-47717 was published Dec 9, 2025

A vulnerability has been identified in Gridscale X Prepay (All versions < V4.2.1). The affected... Moderate Unreviewed

CVE-2025-40806 was published Dec 9, 2025

Kalmia CMS version 0.2.0 contains a user enumeration vulnerability in its authentication... Moderate Unreviewed

CVE-2025-65899 was published Dec 5, 2025

Medtronic CareLink Network allows an unauthenticated remote attacker to initiate a request for... Moderate Unreviewed

CVE-2025-12994 was published Dec 4, 2025

Windu CMS is vulnerable to User Enumeration. This issue occurs during logon, where a difference... Moderate Unreviewed

CVE-2025-59116 was published Nov 18, 2025

Omnissa Workspace ONE UEM contains an observable response discrepancy vulnerability. A malicious... Moderate Unreviewed

CVE-2025-25236 was published Nov 12, 2025

The Frontier Airlines website has a publicly available endpoint that validates if an email... Moderate Unreviewed

CVE-2025-62236 was published Oct 23, 2025

Tibbo AggreGate Network Manager < 6.40.05 contains an observable response discrepancy in its... Moderate Unreviewed

CVE-2025-34155 was published Oct 23, 2025

D-Link Nuclias Connect firmware versions <= 1.3.1.4 contain an observable response discrepancy... Moderate Unreviewed

CVE-2025-34254 was published Oct 16, 2025

D-Link Nuclias Connect firmware versions <= 1.3.1.4 contain an observable response discrepancy... Moderate Unreviewed

CVE-2025-34255 was published Oct 16, 2025

A vulnerability in SAP Financial Service Claims Management RFC function... Moderate Unreviewed

CVE-2025-42903 was published Oct 14, 2025

For failed login attempts, the application returns different error messages depending on whether... Moderate Unreviewed

CVE-2025-58586 was published Oct 6, 2025

Trivision NC-227WF firmware 5.80 (build 20141010) login mechanism reveals whether a username... Moderate Unreviewed

CVE-2025-56764 was published Sep 29, 2025

CWE-204: Observable Response Discrepancy High Unreviewed

CVE-2025-46390 was published Aug 6, 2025

OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows an unauthenticated, remote... Moderate Unreviewed

CVE-2025-54834 was published Jul 31, 2025

Previous1…4 Next

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

88 advisories