Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

11 advisories

Loading
Malicious password-reset in Akaunting High
CVE-2021-36804 was published for akaunting/akaunting (Composer) Sep 1, 2021
Weak Password Recovery Mechanism for Forgotten Password High
CVE-2021-25957 was published for dolibarr/dolibarr (Composer) Sep 2, 2021
Rate limit missing in microweber High
CVE-2022-0777 was published for microweber/microweber (Composer) Mar 2, 2022
Multiple valid tokens for password reset in Shopware Moderate
CVE-2022-24892 was published for shopware/shopware (Composer) Apr 28, 2022
Improper account password reset in Craft CMS High
CVE-2022-29933 was published for craftcms/cms (Composer) May 10, 2022
Pagekit Weak Password Recovery Mechanism for Forgotten Password High
CVE-2017-5594 was published for pagekit/pagekit (Composer) May 13, 2022
Moodle Weak Password Recovery Mechanism for Forgotten Password High
CVE-2016-7038 was published for moodle/moodle (Composer) May 13, 2022
Contao Does Not Invalidate Existing Sessions When Password Changes Critical
CVE-2019-10641 was published for contao/contao (Composer) May 14, 2022
Craft CMS subject to URL forgery Moderate
CVE-2017-8385 was published for craftcms/cms (Composer) May 17, 2022
Craft CMS possibility of brute force attempts Critical
CVE-2019-15929 was published for craftcms/cms (Composer) May 24, 2022
WWBN AVideo recovery notification bypass vulnerability Moderate
CVE-2023-50172 was published for wwbn/avideo (Composer) Jan 10, 2024
ProTip! Advisories are also available from the GraphQL API