Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

427 advisories

Loading
Mautic allows user name enumeration due to response time difference on password reset form Moderate
CVE-2024-47057 was published for mautic/core (Composer) May 28, 2025
patrykgruszka nick-vanpraet
CWE-203: Observable Discrepancy Moderate Unreviewed
CVE-2025-23182 was published May 22, 2025
Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX... Moderate Unreviewed
CVE-2025-3939 was published May 22, 2025
Due to improper authentication mechanism an unauthenticated remote attacker can enumerate valid... Moderate Unreviewed
CVE-2021-47664 was published Apr 24, 2025
Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an... Moderate Unreviewed
CVE-2024-11084 was published Apr 15, 2025
During an annual penetration test conducted on behalf of Axis Communications, Truesec discovered... Moderate Unreviewed
CVE-2025-0361 was published Apr 8, 2025
IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive... Moderate Unreviewed
CVE-2024-51477 was published Mar 29, 2025
An issue was discovered in OpenSlides before 4.2.5. During login at the /system/auth/login/... Moderate Unreviewed
CVE-2025-30344 was published Mar 21, 2025
Post-Quantum Secure Feldman's Verifiable Secret Sharing has Timing Side-Channels in Matrix Operations Moderate
CVE-2025-29780 was published for PostQuantum-Feldman-VSS (pip) Mar 14, 2025
DavidOsipov
The login functionality of the web server in affected devices does not normalize the response... Moderate Unreviewed
CVE-2023-37482 was published Feb 11, 2025
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition... Moderate Unreviewed
CVE-2024-45089 was published Jan 31, 2025
A specific authentication strategy allows to learn ids of PAM users associated with certain... Moderate Unreviewed
CVE-2025-24506 was published Jan 30, 2025
IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an... Moderate Unreviewed
CVE-2023-37413 was published Jan 29, 2025
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an... Moderate Unreviewed
CVE-2023-47159 was published Jan 27, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to enumerate usernames due... Moderate Unreviewed
CVE-2024-35114 was published Jan 25, 2025
In build_read_multi_rsp of gatt_sr.cc, there is a possible denial of service due to a logic error... Moderate Unreviewed
CVE-2024-43763 was published Jan 22, 2025
In reload of ServiceListing.java , there is a possible way to allow a malicious app to hide an... Moderate Unreviewed
CVE-2024-49733 was published Jan 22, 2025
Umbraco Allows User Enumeration Feasible Based On Management API Timing and Response Codes Moderate
CVE-2025-24011 was published for Umbraco.Cms (NuGet) Jan 21, 2025
Windows Cryptographic Information Disclosure Vulnerability Moderate Unreviewed
CVE-2025-21336 was published Jan 14, 2025
An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through... Moderate Unreviewed
CVE-2024-36510 was published Jan 14, 2025
A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0.... Moderate Unreviewed
CVE-2024-13198 was published Jan 9, 2025
A vulnerability, which was classified as problematic, has been found in Antabot White-Jotter up... Moderate Unreviewed
CVE-2024-13028 was published Dec 30, 2024
An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18,... Moderate Unreviewed
CVE-2024-54454 was published Dec 27, 2024
Some Honor products are affected by information leak vulnerability, successful exploitation could... Moderate Unreviewed
CVE-2024-47153 was published Dec 26, 2024
Some Honor products are affected by information leak vulnerability, successful exploitation could... Moderate Unreviewed
CVE-2024-47154 was published Dec 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database