GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
306 advisories
PwnDoc through 0.5.3 might allow remote attackers to identify disabled user account names by...
Moderate
Unreviewed
CVE-2022-44023
was published
Oct 30, 2022
PwnDoc through 0.5.3 might allow remote attackers to identify valid user account names by...
Moderate
Unreviewed
CVE-2022-44022
was published
Oct 30, 2022
Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress...
Moderate
Unreviewed
CVE-2024-32676
was published
Apr 25, 2024
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks.
High
Unreviewed
CVE-2023-26756
was published
Apr 14, 2023
Dolibarr Improper Restriction of Excessive Authentication Attempts
Critical
CVE-2020-7995
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2022
Improper restriction of excessive authentication attempts on some authentication methods in...
Moderate
Unreviewed
CVE-2024-28825
was published
Apr 24, 2024
An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks...
Moderate
Unreviewed
CVE-2024-30390
was published
Apr 12, 2024
A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS)...
Moderate
Unreviewed
CVE-2019-1126
was published
May 24, 2022
A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings...
Moderate
Unreviewed
CVE-2021-1311
was published
May 24, 2022
CasaOS Improper Restriction of Excessive Authentication Attempts vulnerability
High
CVE-2024-24767
was published
for
github.com/IceWhaleTech/CasaOS-UserService
(Go)
Mar 6, 2024
DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to...
Critical
Unreviewed
CVE-2023-27152
was published
Oct 23, 2023
The TETRA TEA1 keystream generator implements a key register initialization function that...
High
Unreviewed
CVE-2022-24402
was published
Oct 19, 2023
Vulnerability of brute-force attacks on the device authentication module. Successful exploitation...
High
Unreviewed
CVE-2023-44111
was published
Oct 11, 2023
Vulnerability of brute-force attacks on the device authentication module. Successful exploitation...
High
Unreviewed
CVE-2023-44096
was published
Oct 11, 2023
Improper Restriction of Excessive Authentication Attempts in RDT400 in SICK APU allows an...
High
Unreviewed
CVE-2023-43699
was published
Oct 9, 2023
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) uses an...
High
Unreviewed
CVE-2023-26271
was published
Aug 28, 2023
IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to...
High
Unreviewed
CVE-2022-43904
was published
Aug 28, 2023
There is no limit on the number of login attempts in the web server for the SNAP PAC S1 Firmware...
Critical
Unreviewed
CVE-2023-40706
was published
Aug 24, 2023
Microsoft Exchange Server Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2023-21709
was published
Aug 8, 2023
A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local...
Low
Unreviewed
CVE-2023-3669
was published
Aug 3, 2023
An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting...
Critical
Unreviewed
CVE-2023-3548
was published
Jul 25, 2023
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force...
High
Unreviewed
CVE-2023-32657
was published
Jul 20, 2023
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and...
High
Unreviewed
CVE-2023-29301
was published
Jul 12, 2023
SAP BusinessObjects Business Intelligence Platform - version 420, 430, allows an unauthorized...
High
Unreviewed
CVE-2023-36917
was published
Jul 11, 2023
Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a...
High
Unreviewed
CVE-2023-35697
was published
Jul 10, 2023