Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

21 advisories

Loading
Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git. Moderate Unreviewed
CVE-2023-4381 was published Aug 16, 2023
Unverified Password Change in GitHub repository tsolucio/corebos prior to 8. High Unreviewed
CVE-2023-3069 was published Jun 2, 2023
pimcore/admin-ui-classic-bundle Unverified Password Change Moderate
CVE-2023-5844 was published for pimcore/admin-ui-classic-bundle (Composer) Oct 31, 2023
Th3l0newolf
Expired tokens can be renewed without validating the account password High
GHSA-9wgg-m99q-hhfc was published for emailproxy (pip) Dec 19, 2023
OctoPrint Unverified Password Change via Access Control Settings Moderate
CVE-2024-23637 was published for OctoPrint (pip) Jan 31, 2024
tkruppert
Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process High
CVE-2024-34077 was published for mantisbt/mantisbt (Composer) May 13, 2024
dregad redna-xela
Unverified Password Change in OctoPrint Moderate
CVE-2022-2930 was published for OctoPrint (pip) Aug 23, 2022
OctoPrint has API key access in settings without reauthentication Moderate
CVE-2024-51493 was published for OctoPrint (pip) Nov 5, 2024
jacopotediosi
ProTip! Advisories are also available from the GraphQL API