GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,432
Composer 4,409
Erlang 33
GitHub Actions 22
Go 2,144
Maven 5,315
npm 3,808
NuGet 687
pip 3,481
Pub 12
RubyGems 897
Rust 898
Swift 38

Unreviewed advisories

All unreviewed 245,997

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

68 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in the web-based management interface of Cisco ECE could allow an... Moderate Unreviewed

CVE-2022-20633 was published Nov 15, 2024

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as... Moderate Unreviewed

CVE-2024-6056 was published Jun 17, 2024

vantage6 vulnerable to Observable Response Discrepancy Moderate

CVE-2022-39228 was published for vantage6 (pip) Feb 28, 2023

Information Disclosure in Password Reset Low

CVE-2020-11063 was published for typo3/cms (Composer) May 13, 2020

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames... Moderate Unreviewed

CVE-2021-20556 was published May 3, 2024

IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to... Moderate Unreviewed

CVE-2023-38362 was published Mar 4, 2024

IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to... Moderate Unreviewed

CVE-2023-27283 was published May 4, 2024

HCL MyXalytics is affected by username enumeration vulnerability. This allows a malicious user... Low Unreviewed

CVE-2024-42174 was published Jan 11, 2025

Variable response times in the AWS Sign-in IAM user login flow allowed for the use of brute force... Moderate Unreviewed

CVE-2025-0693 was published Jan 24, 2025

IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to enumerate usernames due... Moderate Unreviewed

CVE-2024-35114 was published Jan 25, 2025

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an... Moderate Unreviewed

CVE-2023-47159 was published Jan 27, 2025

IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an... Moderate Unreviewed

CVE-2023-37413 was published Jan 29, 2025

An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through... Moderate Unreviewed

CVE-2024-36510 was published Jan 14, 2025

SAP NetWeaver Server ABAP allows an unauthenticated attacker to exploit a vulnerability that... Moderate Unreviewed

CVE-2025-23193 was published Feb 11, 2025

Pimcore Admin Classic Bundle allows user enumeration Moderate

CVE-2025-24980 was published for pimcore/admin-ui-classic-bundle (Composer) Feb 7, 2025

A CWE-204 "Observable Response Discrepancy" in the login page in Q-Free MaxTime less than or... Moderate Unreviewed

CVE-2025-1101 was published Feb 12, 2025

Umbraco possible user enumeration Low

CVE-2024-28868 was published for UmbracoCMS (NuGet) Mar 20, 2024

IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable... Moderate Unreviewed

CVE-2023-50306 was published Feb 20, 2024

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

68 advisories