Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,357
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
A CWE-204 "Observable Response Discrepancy" in the login page in Q-Free MaxTime less than or... Moderate Unreviewed
CVE-2025-1101 was published Feb 12, 2025
Pimcore Admin Classic Bundle allows user enumeration Moderate
CVE-2025-24980 was published for pimcore/admin-ui-classic-bundle (Composer) Feb 7, 2025
Ayman-Rayan
SAP NetWeaver Server ABAP allows an unauthenticated attacker to exploit a vulnerability that... Moderate Unreviewed
CVE-2025-23193 was published Feb 11, 2025
An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through... Moderate Unreviewed
CVE-2024-36510 was published Jan 14, 2025
IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an... Moderate Unreviewed
CVE-2023-37413 was published Jan 29, 2025
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an... Moderate Unreviewed
CVE-2023-47159 was published Jan 27, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to enumerate usernames due... Moderate Unreviewed
CVE-2024-35114 was published Jan 25, 2025
Variable response times in the AWS Sign-in IAM user login flow allowed for the use of brute force... Moderate Unreviewed
CVE-2025-0693 was published Jan 24, 2025
IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to... Moderate Unreviewed
CVE-2023-27283 was published May 4, 2024
IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to... Moderate Unreviewed
CVE-2023-38362 was published Mar 4, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames... Moderate Unreviewed
CVE-2021-20556 was published May 3, 2024
vantage6 vulnerable to Observable Response Discrepancy Moderate
CVE-2022-39228 was published for vantage6 (pip) Feb 28, 2023
A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as... Moderate Unreviewed
CVE-2024-6056 was published Jun 17, 2024
A vulnerability in the web-based management interface of Cisco ECE could allow an... Moderate Unreviewed
CVE-2022-20633 was published Nov 15, 2024
Observable Response Discrepancy vulnerability in HumHub GmbH & Co. KG - HumHub on Linux allows:... Moderate Unreviewed
CVE-2024-52043 was published Nov 6, 2024
Django allows enumeration of user e-mail addresses Moderate
CVE-2024-45231 was published for Django (pip) Oct 8, 2024
The goTenna Pro ATAK Plugin has a payload length vulnerability that makes it possible to tell... Moderate Unreviewed
CVE-2024-41715 was published Sep 26, 2024
The goTenna Pro has a payload length vulnerability that makes it possible to tell the length of... Moderate Unreviewed
CVE-2024-47129 was published Sep 26, 2024
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an... Moderate Unreviewed
CVE-2023-46170 was published Mar 7, 2024
A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that... Moderate Unreviewed
CVE-2024-8651 was published Sep 19, 2024
Observable Response Discrepancy in Flask-AppBuilder Moderate
CVE-2022-21659 was published for Flask-AppBuilder (pip) Feb 1, 2022
SamWheating
Mautic allows users enumeration due to weak password login Moderate
CVE-2024-47059 was published for mautic/core (Composer) Sep 18, 2024
tomekkowalczyk patrykgruszka
escopecz rafibz007
User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine... Moderate Unreviewed
CVE-2024-34336 was published Sep 12, 2024
An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user... Moderate Unreviewed
CVE-2023-37831 was published Oct 31, 2023
Loway - CWE-204: Observable Response Discrepancy Moderate Unreviewed
CVE-2024-42343 was published Sep 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database