GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,464
Composer 5,137
Erlang 40
GitHub Actions 38
Go 2,831
Maven 6,209
npm 4,462
NuGet 775
pip 4,226
Pub 12
RubyGems 972
Rust 1,093
Swift 47

Unreviewed advisories

All unreviewed 285,968

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

527 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between... Moderate Unreviewed

CVE-2024-55374 was published Jan 2, 2026

H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid... Moderate Unreviewed

CVE-2022-50800 was published Dec 31, 2025

GLPI 9.5.7 contains a username enumeration vulnerability in the lost password recovery mechanism... Moderate Unreviewed

CVE-2023-53943 was published Dec 18, 2025

There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows... Low Unreviewed

CVE-2025-65185 was published Dec 17, 2025

In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test Low Unreviewed

CVE-2025-68164 was published Dec 16, 2025

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into... Low Unreviewed

CVE-2025-13912 was published Dec 11, 2025

SpinetiX Fusion Digital Signage 3.4.8 contains a username enumeration vulnerability in its login... Moderate Unreviewed

CVE-2020-36888 was published Dec 10, 2025

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated... Moderate Unreviewed

CVE-2025-39665 was published Dec 3, 2025

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a... High Unreviewed

CVE-2025-59702 was published Dec 2, 2025

An issue in Austrian Academy of Sciences (AW) Austrian Archaeological Institute OpenAtlas v.8.12... Moderate Unreviewed

CVE-2025-56423 was published Nov 24, 2025

The server previously verified the TLS 1.3 PSK binder using a non-constant time method which... Low Unreviewed

CVE-2025-11932 was published Nov 22, 2025

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels... Low Unreviewed

CVE-2025-12888 was published Nov 22, 2025

IBM Aspera 5.0.0 through 5.0.13.1 could disclose sensitive user information from the system to... Moderate Unreviewed

CVE-2025-36225 was published Oct 9, 2025

Improper handling of authentication requests lead to a user enumeration vector in the passkey... Moderate Unreviewed

CVE-2025-54477 was published Sep 30, 2025

Description: VMware NSX contains a username enumeration vulnerability. An unauthenticated... High Unreviewed

CVE-2025-41252 was published Sep 29, 2025

Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote... Critical Unreviewed

CVE-2025-10890 was published Sep 24, 2025

Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc.... Moderate Unreviewed

CVE-2025-9031 was published Sep 24, 2025

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison... High Unreviewed

CVE-2025-39702 was published Sep 5, 2025

In multiple locations, there is a possible way to access data displayed on the screen due to side... Moderate Unreviewed

CVE-2025-48561 was published Sep 4, 2025

A security flaw has been discovered in Portabilis i-Diario up to 1.5.0. Affected by this... Moderate Unreviewed

CVE-2025-9109 was published Aug 18, 2025

A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic.... Low Unreviewed

CVE-2025-8774 was published Aug 9, 2025

The public-facing product registration endpoint server responds differently depending on whether... Moderate Unreviewed

CVE-2025-47872 was published Aug 8, 2025

A vulnerability in the External Interface of OTRS allows conclusions to be drawn about the... Moderate Unreviewed

CVE-2025-24391 was published Jul 14, 2025

An issue was discovered in eGroupWare 17.1.20190111. A User Enumeration vulnerability exists... Moderate Unreviewed

CVE-2023-38327 was published Jul 11, 2025

Timing difference in password reset in Ergon Informatik AG's Airlock IAM 7.7.9, 8.0.8, 8.1.7, 8.2... Moderate Unreviewed

CVE-2025-6056 was published Jul 4, 2025

Previous1…22 Next

Previous 1 2 3 4 5 … 21 22 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

527 advisories