GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
12 advisories
Filter by severity
ASP.NET Core allow an elevation of privilege
High
CVE-2018-0787
was published
for
Microsoft.AspNetCore.HttpOverrides
(NuGet)
Oct 16, 2018
Indico Tampering with links (e.g. password reset) in sent emails
High
CVE-2021-30185
was published
for
indico
(pip)
Apr 8, 2021
Malicious password-reset in Akaunting
High
CVE-2021-36804
was published
for
akaunting/akaunting
(Composer)
Sep 1, 2021
Weak Password Recovery Mechanism for Forgotten Password
High
CVE-2021-25957
was published
for
dolibarr/dolibarr
(Composer)
Sep 2, 2021
Weak Password Recovery Mechanism for Forgotten Password in Strapi
High
CVE-2021-28128
was published
for
strapi
(npm)
Oct 6, 2021
Umbraco Persistent Password Reset Poison
High
CVE-2022-22691
was published
for
Umbraco.Cms.Core
(NuGet)
Jan 21, 2022
Rate limit missing in microweber
High
CVE-2022-0777
was published
for
microweber/microweber
(Composer)
Mar 2, 2022
Improper account password reset in Craft CMS
High
CVE-2022-29933
was published
for
craftcms/cms
(Composer)
May 10, 2022
Pagekit Weak Password Recovery Mechanism for Forgotten Password
High
CVE-2017-5594
was published
for
pagekit/pagekit
(Composer)
May 13, 2022
Moodle Weak Password Recovery Mechanism for Forgotten Password
High
CVE-2016-7038
was published
for
moodle/moodle
(Composer)
May 13, 2022
Insufficient token expiration in Serenity
High
CVE-2023-31287
was published
for
Serenity.Net.Core
(NuGet)
Apr 27, 2023
ZITADEL Account Takeover via Malicious Host Header Injection
High
CVE-2023-49097
was published
for
github.com/zitadel/zitadel
(Go)
Nov 29, 2023
ProTip!
Advisories are also available from the
GraphQL API