Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

151 advisories

Loading
A vulnerability, which was classified as problematic, was found in Beijing Baichuo Smart S85F... Moderate Unreviewed
CVE-2023-5959 was published Nov 11, 2023
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg... Moderate Unreviewed
CVE-2023-5840 was published Oct 29, 2023
ZITADEL's password reset does not respect the "Ignoring unknown usernames" setting Moderate
CVE-2023-44399 was published for github.com/zitadel/zitadel (Go) Oct 10, 2023
hoseph livio-a
fforootd adlerhurst
A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic.... Moderate Unreviewed
CVE-2023-5296 was published Sep 30, 2023
Weak password recovery mechanism vulnerability in Fujitsu Arconte Áurea version 1.5.0.0, which... High Unreviewed
CVE-2023-4096 was published Sep 19, 2023
Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The... High Unreviewed
CVE-2023-34357 was published Sep 7, 2023
Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in... High Unreviewed
CVE-2023-3222 was published Sep 4, 2023
A vulnerability was found in OpenRapid RapidCMS 1.3.1 and classified as critical. This issue... Moderate Unreviewed
CVE-2023-4448 was published Aug 21, 2023
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding... Moderate Unreviewed
CVE-2023-35134 was published Jul 20, 2023
D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates... High Unreviewed
CVE-2023-26615 was published Jun 28, 2023
A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2023-3007 was published May 31, 2023
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6... High Unreviewed
CVE-2023-31459 was published May 24, 2023
This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS... Critical Unreviewed
CVE-2023-30466 was published Apr 28, 2023
Insufficient token expiration in Serenity High
CVE-2023-31287 was published for Serenity.Net.Core (NuGet) Apr 27, 2023
An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email... Moderate Unreviewed
CVE-2021-36436 was published Apr 20, 2023
An insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android... Critical Unreviewed
CVE-2022-45637 was published Mar 21, 2023
The Akuvox E11 password recovery webpage can be accessed without authentication, and an attacker... Critical Unreviewed
CVE-2023-0352 was published Mar 13, 2023
An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A... Critical Unreviewed
CVE-2022-45782 was published Feb 2, 2023
AMI Megarac Password reset interception via API High Unreviewed
CVE-2022-26872 was published Jan 30, 2023
A vulnerability was found in gitter-badger ezpublish-modern-legacy. It has been rated as... High Unreviewed
CVE-2015-10071 was published Jan 19, 2023
The Forgotten Password functionality of Rocket TRUfusion Portal v7.9.2.1 allows remote attackers... High Unreviewed
CVE-2022-25027 was published Jan 13, 2023
In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature... Moderate Unreviewed
CVE-2022-30332 was published Jan 10, 2023
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's... High Unreviewed
CVE-2020-12067 was published Dec 26, 2022
Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13... Critical Unreviewed
CVE-2022-47377 was published Dec 21, 2022
In IFM Moneo Appliance with version up to 1.9.3 an unauthenticated remote attacker can reset the... Critical Unreviewed
CVE-2022-3485 was published Dec 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database