Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

389 advisories

Loading
WiseConnect - ScreenConnect Session Code Bypass. An attacker would have to use a proxy to monitor... Moderate Unreviewed
CVE-2022-36781 was published Sep 29, 2022
An issue was discovered in Bitrix24 Bitrix Framework (1c site management) 20.0. An "User... Moderate Unreviewed
CVE-2020-28206 was published May 24, 2022
In cPanel before 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575). Moderate Unreviewed
CVE-2020-29136 was published May 24, 2022
A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist... Moderate Unreviewed
CVE-2020-5141 was published May 24, 2022
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH... Critical Unreviewed
CVE-2020-25196 was published May 24, 2022
An issue was discovered in BigBlueButton through 2.2.29. A brute-force attack may occur because... Moderate Unreviewed
CVE-2020-29042 was published May 24, 2022
A ZTE product is impacted by the improper access control vulnerability. Due to lack of an... Critical Unreviewed
CVE-2020-6875 was published May 24, 2022
tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid... Critical Unreviewed
CVE-2020-15906 was published May 24, 2022
WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the... Critical Unreviewed
CVE-2022-33106 was published Oct 12, 2022
A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS... High Unreviewed
CVE-2020-15786 was published May 24, 2022
An issue was discovered in Gradle Enterprise 2018.5. There is a lack of lock-out after excessive... Critical Unreviewed
CVE-2020-15770 was published May 24, 2022
OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication mechanism within the system... Moderate Unreviewed
CVE-2020-14494 was published May 24, 2022
A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by... High Unreviewed
CVE-2022-4006 was published Nov 16, 2022
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over... Moderate Unreviewed
CVE-2019-13394 was published May 24, 2022
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet... Low Unreviewed
CVE-2020-11582 was published May 24, 2022
Weak password derivation for export in Devolutions Remote Desktop Manager before 2022.1 allows... High Unreviewed
CVE-2022-26964 was published Dec 26, 2022
An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12... Moderate Unreviewed
CVE-2019-15577 was published May 24, 2022
A flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a... Critical Unreviewed
CVE-2022-2457 was published Aug 11, 2022
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ... High Unreviewed
CVE-2022-24044 was published May 21, 2022
The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses weak session IDs generated... Moderate Unreviewed
CVE-2014-2875 was published May 17, 2022
Improper Restriction of Excessive Authentication Attempts in GitHub repository kareadita/kavita... Moderate Unreviewed
CVE-2022-3945 was published Nov 11, 2022
Improper Restriction of Excessive Authentication Attempts in GitHub repository mastodon/mastodon... Critical Unreviewed
CVE-2022-2166 was published Nov 16, 2022
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. Part of the application... High Unreviewed
CVE-2022-38491 was published Jan 10, 2023
Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts... Critical Unreviewed
CVE-2022-31234 was published Jul 22, 2022
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. It mishandles access control.... Moderate Unreviewed
CVE-2022-24689 was published Jul 19, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database