GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
340 advisories
Filter by severity
The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM,...
Moderate
Unreviewed
CVE-2022-25332
was published
Oct 19, 2023
A vulnerability has been identified in Mendix Forgot Password (Mendix 10 compatible) (All...
Moderate
Unreviewed
CVE-2023-43623
was published
Oct 10, 2023
Economizzer user enumeration vulnerability
Moderate
CVE-2023-38871
was published
for
gugoan/economizzer
(Composer)
Sep 28, 2023
PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software...
Moderate
Unreviewed
CVE-2023-44216
was published
Sep 27, 2023
User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this...
Moderate
Unreviewed
CVE-2023-4095
was published
Sep 19, 2023
Piccolo's current `BaseUser.login` implementation is vulnerable to time based user enumeration
Moderate
CVE-2023-41885
was published
for
piccolo
(pip)
Sep 12, 2023
User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could...
Moderate
Unreviewed
CVE-2023-3221
was published
Sep 4, 2023
Username enumeration attack in goauthentik
Moderate
CVE-2023-39522
was published
for
@goauthentik/api
(npm)
Aug 29, 2023
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the...
Moderate
Unreviewed
CVE-2023-20569
was published
Aug 8, 2023
A potential power side-channel vulnerability in
AMD processors may allow an authenticated...
Moderate
Unreviewed
CVE-2023-20583
was published
Aug 1, 2023
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration
Moderate
CVE-2023-3462
was published
for
github.com/hashicorp/vault
(Go)
Aug 1, 2023
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-37217
was published
Jul 30, 2023
User enumeration in On-premise SureMDM Solution on Windows deployment allows attacker to...
Moderate
Unreviewed
CVE-2023-3897
was published
Jul 25, 2023
A potential power side-channel vulnerability in some AMD processors may allow an authenticated...
Moderate
Unreviewed
CVE-2023-20575
was published
Jul 11, 2023
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify...
Moderate
Unreviewed
CVE-2023-35698
was published
Jul 10, 2023
A vulnerability classified as problematic has been found in Rotem Dynamics Rotem CRM up to...
Moderate
Unreviewed
CVE-2023-3529
was published
Jul 6, 2023
Under certain circumstances a C•CURE Portal user could enumerate user accounts in C•CURE 9000...
Moderate
Unreviewed
CVE-2021-36201
was published
Jul 6, 2023
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability....
Moderate
Unreviewed
CVE-2023-3336
was published
Jul 5, 2023
The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a...
Moderate
Unreviewed
CVE-2023-3139
was published
Jul 4, 2023
User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames.
Moderate
Unreviewed
CVE-2023-22359
was published
Jun 26, 2023
AMI BMC contains a vulnerability in the IPMI
handler, where an unauthorized attacker can use...
Moderate
Unreviewed
CVE-2023-34344
was published
Jun 12, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-31186
was published
May 30, 2023
When supplied with a random MAC address, Snap One OvrC cloud servers will return...
Moderate
Unreviewed
CVE-2023-28412
was published
May 22, 2023
ginuerzh/gost vulnerable to Timing Attack
Moderate
CVE-2023-32691
was published
for
github.com/ginuerzh/gost
(Go)
May 22, 2023
Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215,...
Moderate
Unreviewed
CVE-2023-23449
was published
May 15, 2023
ProTip!
Advisories are also available from the
GraphQL API