GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,705
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
492 advisories
Filter by severity
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration
Moderate
CVE-2023-3462
was published
for
github.com/hashicorp/vault
(Go)
Aug 1, 2023
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-37217
was published
Jul 30, 2023
User enumeration in On-premise SureMDM Solution on Windows deployment allows attacker to...
Moderate
Unreviewed
CVE-2023-3897
was published
Jul 25, 2023
A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping...
High
Unreviewed
CVE-2023-3640
was published
Jul 24, 2023
TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem...
High
Unreviewed
CVE-2023-34669
was published
Jul 17, 2023
A potential power side-channel vulnerability in some AMD processors may allow an authenticated...
Moderate
Unreviewed
CVE-2023-20575
was published
Jul 11, 2023
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify...
Moderate
Unreviewed
CVE-2023-35698
was published
Jul 10, 2023
A vulnerability classified as problematic has been found in Rotem Dynamics Rotem CRM up to...
Moderate
Unreviewed
CVE-2023-3529
was published
Jul 6, 2023
Under certain circumstances a C•CURE Portal user could enumerate user accounts in C•CURE 9000...
Moderate
Unreviewed
CVE-2021-36201
was published
Jul 6, 2023
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability....
Moderate
Unreviewed
CVE-2023-3336
was published
Jul 5, 2023
The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a...
Moderate
Unreviewed
CVE-2023-3139
was published
Jul 4, 2023
User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames.
Moderate
Unreviewed
CVE-2023-22359
was published
Jun 26, 2023
AMI BMC contains a vulnerability in the IPMI
handler, where an unauthorized attacker can use...
Moderate
Unreviewed
CVE-2023-34344
was published
Jun 12, 2023
IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based...
High
Unreviewed
CVE-2023-32342
was published
May 31, 2023
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy
Moderate
Unreviewed
CVE-2023-31186
was published
May 30, 2023
When supplied with a random MAC address, Snap One OvrC cloud servers will return...
Moderate
Unreviewed
CVE-2023-28412
was published
May 22, 2023
ginuerzh/gost vulnerable to Timing Attack
Moderate
CVE-2023-32691
was published
for
github.com/ginuerzh/gost
(Go)
May 22, 2023
Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215,...
Moderate
Unreviewed
CVE-2023-23449
was published
May 15, 2023
The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be...
Moderate
Unreviewed
CVE-2022-40482
was published
Apr 25, 2023
A username enumeration issue was discovered in Medicine Tracker System 1.0. The login...
Moderate
Unreviewed
CVE-2023-30458
was published
Apr 24, 2023
io.finnet tss-lib before 2.0.0 can leak a secret key via a timing side-channel attack because it...
Unknown
Unreviewed
CVE-2023-26556
was published
Apr 21, 2023
io.finnet tss-lib before 2.0.0 can leak the lambda value of a private key via a timing side...
Unknown
Unreviewed
CVE-2023-26557
was published
Apr 21, 2023
A vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions...
Moderate
Unreviewed
CVE-2023-27464
was published
Apr 11, 2023
HashiCorp Vault's implementation of Shamir's secret sharing vulnerable to cache-timing attacks
Moderate
CVE-2023-25000
was published
for
github.com/hashicorp/vault
(Go)
Mar 30, 2023
An issue was discovered in MCUBO ICT through 10.12.4 (aka 6.0.2). An Observable Response...
High
Unreviewed
CVE-2023-26071
was published
Mar 28, 2023
ProTip!
Advisories are also available from the
GraphQL API