Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

192 advisories

Loading
An issue was discovered in BACKCLICK Professional 5.9.63. Due to insecure design or lack of... Critical Unreviewed
CVE-2022-44004 was published Nov 17, 2022
In IFM Moneo Appliance with version up to 1.9.3 an unauthenticated remote attacker can reset the... Critical Unreviewed
CVE-2022-3485 was published Dec 12, 2022
Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13... Critical Unreviewed
CVE-2022-47377 was published Dec 21, 2022
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's... High Unreviewed
CVE-2020-12067 was published Dec 26, 2022
In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature... Moderate Unreviewed
CVE-2022-30332 was published Jan 10, 2023
The Forgotten Password functionality of Rocket TRUfusion Portal v7.9.2.1 allows remote attackers... High Unreviewed
CVE-2022-25027 was published Jan 13, 2023
A vulnerability was found in gitter-badger ezpublish-modern-legacy. It has been rated as... High Unreviewed
CVE-2015-10071 was published Jan 19, 2023
AMI Megarac Password reset interception via API High Unreviewed
CVE-2022-26872 was published Jan 30, 2023
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1... Critical Unreviewed
CVE-2022-47697 was published Jan 31, 2023
An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A... Critical Unreviewed
CVE-2022-45782 was published Feb 2, 2023
The Akuvox E11 password recovery webpage can be accessed without authentication, and an attacker... Critical Unreviewed
CVE-2023-0352 was published Mar 13, 2023
An insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android... Critical Unreviewed
CVE-2022-45637 was published Mar 21, 2023
An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email... Moderate Unreviewed
CVE-2021-36436 was published Apr 20, 2023
Insufficient token expiration in Serenity High
CVE-2023-31287 was published for Serenity.Net.Core (NuGet) Apr 27, 2023
This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS... Critical Unreviewed
CVE-2023-30466 was published Apr 28, 2023
Missing rate limit for password resets Moderate
CVE-2023-28821 was published for concrete5/concrete5 (Composer) Apr 28, 2023
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6... High Unreviewed
CVE-2023-31459 was published May 24, 2023
A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2023-3007 was published May 31, 2023
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura... Moderate Unreviewed
CVE-2022-42807 was published Jun 23, 2023
This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and... Moderate Unreviewed
CVE-2023-28202 was published Jun 23, 2023
D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates... High Unreviewed
CVE-2023-26615 was published Jun 28, 2023
The password reset function in ILIAS 7.0_beta1 through 7.20 and 8.0_beta1 through 8.1 allows... Critical Unreviewed
CVE-2023-36487 was published Jun 29, 2023
The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable... High Unreviewed
CVE-2023-29145 was published Jun 30, 2023
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding... Moderate Unreviewed
CVE-2023-35134 was published Jul 20, 2023
A vulnerability was found in OpenRapid RapidCMS 1.3.1 and classified as critical. This issue... Moderate Unreviewed
CVE-2023-4448 was published Aug 21, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database