GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,172

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

389 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses an inadequate account lockout... Critical Unreviewed

CVE-2018-1373 was published May 13, 2022

Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method... Critical Unreviewed

CVE-2018-15759 was published May 13, 2022

Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior... Critical Unreviewed

CVE-2018-11082 was published May 13, 2022

When the device is configured to perform account lockout with a defined period of time, any... Moderate Unreviewed

CVE-2017-10604 was published May 13, 2022

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Moxa OnCell... Critical Unreviewed

CVE-2017-7915 was published May 13, 2022

An improper restriction of excessive authentication attempts vulnerability in /principals in... Critical Unreviewed

CVE-2017-15887 was published May 13, 2022

phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in... Critical Unreviewed

CVE-2017-11187 was published May 13, 2022

IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could... Critical Unreviewed

CVE-2017-1197 was published May 13, 2022

htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A (with firmware through... High Unreviewed

CVE-2017-14423 was published May 13, 2022

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell... Critical Unreviewed

CVE-2017-7898 was published May 13, 2022

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to conduct brute-force... Critical Unreviewed

CVE-2018-12993 was published May 13, 2022

A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker... Moderate Unreviewed

CVE-2018-16703 was published May 13, 2022

An issue was discovered in app/Controller/UsersController.php in MISP 2.4.92. An adversary can... Critical Unreviewed

CVE-2018-12649 was published May 13, 2022

IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a... Critical Unreviewed

CVE-2018-1475 was published May 13, 2022

IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnerable to user enumeration,... High Unreviewed

CVE-2019-4068 was published May 24, 2022

In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an... Moderate Unreviewed

CVE-2021-43332 was published May 24, 2022

wger vulnerable to brute force attempts Critical

CVE-2022-2650 was published for wger (pip) Nov 24, 2022

An improper restriction of excessive authentication attempts vulnerability [CWE-307] in... Critical Unreviewed

CVE-2022-35846 was published Oct 18, 2022

usememos/memos vulnerable Improper Restriction of Excessive Authentication Attempts Moderate

CVE-2022-4797 was published for github.com/usememos/memos (Go) Dec 28, 2022

ENC DataVault 7.1.1W and VaultAPI v67, which is currently being used in various other... High Unreviewed

CVE-2021-36750 was published Dec 23, 2021

An issue in the user login box of CSCMS v4.0 allows attackers to hijack user accounts via brute... Critical Unreviewed

CVE-2020-21238 was published Dec 29, 2021

An issue in the user login box of LJCMS v1.11 allows attackers to hijack user accounts via brute... Critical Unreviewed

CVE-2020-21237 was published Dec 29, 2021

Lack of rate limiting in M-Files Server and M-Files Web products with versions before 21.12.10873... Critical Unreviewed

CVE-2021-41807 was published Jan 19, 2022

The code that performs password matching when using 'Basic' HTTP authentication does not use a... Critical Unreviewed

CVE-2021-43298 was published Jan 26, 2022

Dell EMC AppSync versions 3.9 to 4.3 contain an Improper Restriction of Excessive Authentication... Critical Unreviewed

CVE-2022-22553 was published Jan 22, 2022

Previous 1…5…16 Next

Previous 1 2 3 4 5 6 7 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

389 advisories