Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,926
Erlang
39
GitHub Actions
38
Go
2,576
Maven
5,000+
npm
4,246
NuGet
754
pip
4,008
Pub
12
RubyGems
953
Rust
1,045
Swift
45
Unreviewed advisories
All unreviewed
5,000+

18 advisories

Loading
CWE-620: Unverified Password Change Moderate Unreviewed
CVE-2025-46389 was published Aug 6, 2025
A vulnerability was found in UTT 进取 750W up to 5.0 and classified as critical. Affected by this... Moderate Unreviewed
CVE-2025-6097 was published Jun 16, 2025
A vulnerability, which was classified as critical, was found in D-Link DI-7003GV2 24.04.18D1 R... Moderate Unreviewed
CVE-2025-4903 was published May 19, 2025
A vulnerability has been found in ContiNew Admin up to 3.6.0 and classified as problematic.... Moderate Unreviewed
CVE-2025-4552 was published May 12, 2025
The Buddypress Force Password Change plugin for WordPress is vulnerable to authenticated account... Moderate Unreviewed
CVE-2025-3793 was published Apr 24, 2025
A vulnerability classified as problematic was found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0.... Moderate Unreviewed
CVE-2025-3849 was published Apr 22, 2025
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web... Moderate Unreviewed
CVE-2024-41796 was published Apr 8, 2025
In version v0.0.14 of transformeroptimus/superagi, there is an improper privilege management... Moderate Unreviewed
CVE-2024-9431 was published Mar 20, 2025
IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0... Moderate Unreviewed
CVE-2024-45647 was published Jan 20, 2025
OctoPrint has API key access in settings without reauthentication Moderate
CVE-2024-51493 was published for OctoPrint (pip) Nov 5, 2024
jacopotediosi
Credited to jacopotediosi
The BA Book Everything plugin for WordPress is vulnerable to arbitrary password reset in all... Moderate Unreviewed
CVE-2024-8794 was published Sep 24, 2024
A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2... Moderate Unreviewed
CVE-2024-21757 was published Aug 13, 2024
OctoPrint Unverified Password Change via Access Control Settings Moderate
CVE-2024-23637 was published for OctoPrint (pip) Jan 31, 2024
tkruppert
Credited to tkruppert
pimcore/admin-ui-classic-bundle Unverified Password Change Moderate
CVE-2023-5844 was published for pimcore/admin-ui-classic-bundle (Composer) Oct 31, 2023
Th3l0newolf
Credited to Th3l0newolf
The WP User Control plugin for WordPress is vulnerable to unauthorized password resets in... Moderate Unreviewed
CVE-2023-4915 was published Sep 13, 2023
Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git. Moderate Unreviewed
CVE-2023-4381 was published Aug 16, 2023
Unverified Password Change in OctoPrint Moderate
CVE-2022-2930 was published for OctoPrint (pip) Aug 23, 2022
A CWE-620: Unverified Password Change vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4... Moderate Unreviewed
CVE-2021-22773 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database