GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
34 advisories
Filter by severity
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura...
Moderate
Unreviewed
CVE-2022-42807
was published
Jun 23, 2023
This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and...
Moderate
Unreviewed
CVE-2023-28202
was published
Jun 23, 2023
Liferay Portal 7.2.0 through 7.3.5, and older unsupported versions, and Liferay DXP 7.3 before...
Moderate
Unreviewed
CVE-2021-29038
was published
Feb 21, 2024
IBM Security SOAR 51.0.1.0 and earlier contains a mechanism for users to recover or change their...
Moderate
Unreviewed
CVE-2024-45670
was published
Nov 14, 2024
A vulnerability classified as problematic was found in QileCMS up to 1.1.3. This vulnerability...
Moderate
Unreviewed
CVE-2024-9907
was published
Oct 13, 2024
A vulnerability classified as critical was found in TDuckCloud TDuckPro up to 6.3. Affected by...
Moderate
Unreviewed
CVE-2024-8692
was published
Sep 11, 2024
In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature...
Moderate
Unreviewed
CVE-2022-30332
was published
Jan 10, 2023
In lunary-ai/lunary version 1.2.4, a vulnerability exists in the password recovery mechanism...
Moderate
Unreviewed
CVE-2024-5277
was published
Jun 6, 2024
An issue was discovered in Navigate CMS 2.9 r1433. The forgot-password feature allows users to...
Moderate
Unreviewed
CVE-2020-14016
was published
May 24, 2022
A vulnerability, which was classified as problematic, was found in Beijing Baichuo Smart S85F...
Moderate
Unreviewed
CVE-2023-5959
was published
Nov 11, 2023
Weintek Weincloud v0.13.6
could allow an attacker to reset a password with the corresponding...
Moderate
Unreviewed
CVE-2023-35134
was published
Jul 20, 2023
An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email...
Moderate
Unreviewed
CVE-2021-36436
was published
Apr 20, 2023
SITOS six Build v6.2.1 allows a user to change their password and recovery email address without...
Moderate
Unreviewed
CVE-2019-15749
was published
May 24, 2022
In JetBrains Hub versions earlier than 2018.4.11436, there was no option to force a user to...
Moderate
Unreviewed
CVE-2019-14955
was published
May 24, 2022
An issue was discovered in GLPI before 9.4.1. After a successful password reset by a user, it is...
Moderate
Unreviewed
CVE-2019-13240
was published
May 24, 2022
A vulnerability classified as problematic has been found in Huaxia ERP up to 3.1. Affected is an...
Moderate
Unreviewed
CVE-2024-0491
was published
Jan 13, 2024
A vulnerability classified as critical was found in ForU CMS up to 2020-06-23. This vulnerability...
Moderate
Unreviewed
CVE-2024-0425
was published
Jan 11, 2024
A vulnerability was found in OpenRapid RapidCMS 1.3.1 and classified as critical. This issue...
Moderate
Unreviewed
CVE-2023-4448
was published
Aug 21, 2023
A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic....
Moderate
Unreviewed
CVE-2023-5296
was published
Sep 30, 2023
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg...
Moderate
Unreviewed
CVE-2023-5840
was published
Oct 29, 2023
A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as...
Moderate
Unreviewed
CVE-2023-3007
was published
May 31, 2023
An issue was discovered in Delta RM 1.2. It is possible to request a new password for any other...
Moderate
Unreviewed
CVE-2021-44839
was published
Jan 19, 2022
WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which...
Moderate
Unreviewed
CVE-2017-8295
was published
May 17, 2022
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. Enumeration of users is...
Moderate
Unreviewed
CVE-2018-10210
was published
May 14, 2022
An issue was discovered in Mahara before 18.10.0. It mishandled user requests that could...
Moderate
Unreviewed
CVE-2017-1000141
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API