GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
162 advisories
A vulnerability classified as critical was found in ForU CMS up to 2020-06-23. This vulnerability...
Moderate · Unreviewed · CVE-2024-0425 was published Jan 11, 2024

WWBN AVideo recovery notification bypass vulnerability
Moderate · CVE-2023-50172 was published for wwbn/avideo (Composer) Jan 10, 2024

An insufficient entropy vulnerability exists in the userRecoverPass.php recoverPass generation...
High · Unreviewed · CVE-2023-49589 was published Jan 10, 2024

A vulnerability classified as problematic has been found in HuiRan Host Reseller System up to 2.0...
Low · Unreviewed · CVE-2024-0186 was published Jan 2, 2024

In SAP Commerce Cloud - versions HY_COM 1905, HY_COM 2005, HY_COM2105, HY_COM 2011, HY_COM 2205,...
High · Unreviewed · CVE-2023-42481 was published Dec 12, 2023

ZITADEL Account Takeover via Malicious Host Header Injection
High · CVE-2023-49097 was published for github.com/zitadel/zitadel (Go) Nov 29, 2023

The AppPresser plugin for WordPress is vulnerable to unauthorized password resets in versions up...
High · Unreviewed · CVE-2023-4214 was published Nov 18, 2023

A vulnerability, which was classified as problematic, was found in Beijing Baichuo Smart S85F...
Moderate · Unreviewed · CVE-2023-5959 was published Nov 11, 2023

Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg...
Moderate · Unreviewed · CVE-2023-5840 was published Oct 29, 2023

ZITADEL's password reset does not respect the "Ignoring unknown usernames" setting
Moderate · CVE-2023-44399 was published for github.com/zitadel/zitadel (Go) Oct 10, 2023

A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic....
Moderate · Unreviewed · CVE-2023-5296 was published Sep 30, 2023

Weak password recovery mechanism vulnerability in Fujitsu Arconte Áurea version 1.5.0.0, which...
High · Unreviewed · CVE-2023-4096 was published Sep 19, 2023

Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The...
High · Unreviewed · CVE-2023-34357 was published Sep 7, 2023

Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in...
High · Unreviewed · CVE-2023-3222 was published Sep 4, 2023

A vulnerability was found in OpenRapid RapidCMS 1.3.1 and classified as critical. This issue...
Moderate · Unreviewed · CVE-2023-4448 was published Aug 21, 2023

Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding...
Moderate · Unreviewed · CVE-2023-35134 was published Jul 20, 2023

The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable...
High · Unreviewed · CVE-2023-29145 was published Jun 30, 2023

The password reset function in ILIAS 7.0_beta1 through 7.20 and 8.0_beta1 through 8.1 allows...
Critical · Unreviewed · CVE-2023-36487 was published Jun 29, 2023

D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates...
High · Unreviewed · CVE-2023-26615 was published Jun 28, 2023

This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and...
Moderate · Unreviewed · CVE-2023-28202 was published Jun 23, 2023

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura...
Moderate · Unreviewed · CVE-2022-42807 was published Jun 23, 2023

A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as...
Moderate · Unreviewed · CVE-2023-3007 was published May 31, 2023

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6...
High · Unreviewed · CVE-2023-31459 was published May 24, 2023

This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS...
Critical · Unreviewed · CVE-2023-30466 was published Apr 28, 2023

Insufficient token expiration in Serenity
High · CVE-2023-31287 was published for Serenity.Net.Core (NuGet) Apr 27, 2023