Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

20 advisories

Loading
OctoPrint has API key access in settings without reauthentication Moderate
CVE-2024-51493 was published for OctoPrint (pip) Nov 5, 2024
jacopotediosi
The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0... Critical Unreviewed
CVE-2024-33699 was published Oct 30, 2024
The BA Book Everything plugin for WordPress is vulnerable to arbitrary password reset in all... Moderate Unreviewed
CVE-2024-8794 was published Sep 24, 2024
A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2... Moderate Unreviewed
CVE-2024-21757 was published Aug 13, 2024
An issue in Hangzhou Xiongwei Technology Development Co., Ltd. Restaurant Digital Comprehensive... Critical Unreviewed
CVE-2024-26520 was published Jul 26, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5... Critical Unreviewed
CVE-2024-37998 was published Jul 22, 2024
A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem... Critical Unreviewed
CVE-2024-20419 was published Jul 17, 2024
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote... High Unreviewed
CVE-2024-27715 was published Jul 5, 2024
Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process High
CVE-2024-34077 was published for mantisbt/mantisbt (Composer) May 13, 2024
dregad redna-xela
OctoPrint Unverified Password Change via Access Control Settings Moderate
CVE-2024-23637 was published for OctoPrint (pip) Jan 31, 2024
tkruppert
A vulnerability, which was classified as problematic, was found in Poly CCX 400, CCX 600, Trio... Low Unreviewed
CVE-2023-4465 was published Dec 29, 2023
Expired tokens can be renewed without validating the account password High
GHSA-9wgg-m99q-hhfc was published for emailproxy (pip) Dec 19, 2023
pimcore/admin-ui-classic-bundle Unverified Password Change Moderate
CVE-2023-5844 was published for pimcore/admin-ui-classic-bundle (Composer) Oct 31, 2023
Th3l0newolf
The WP User Control plugin for WordPress is vulnerable to unauthorized password resets in... Moderate Unreviewed
CVE-2023-4915 was published Sep 13, 2023
Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git. Moderate Unreviewed
CVE-2023-4381 was published Aug 16, 2023
The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable... High Unreviewed
CVE-2023-2297 was published Jul 6, 2023
Unverified Password Change in GitHub repository tsolucio/corebos prior to 8. High Unreviewed
CVE-2023-3069 was published Jun 2, 2023
Unverified Password Change in GitHub repository phpfusion/phpfusion prior to 9.10.20. High Unreviewed
CVE-2022-3152 was published Sep 8, 2022
Unverified Password Change in OctoPrint Moderate
CVE-2022-2930 was published for OctoPrint (pip) Aug 23, 2022
A CWE-620: Unverified Password Change vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4... Moderate Unreviewed
CVE-2021-22773 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database