Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

122 advisories

Loading
It is possible to bypass the clipping level of authentication attempts in SolaX Cloud through the... Moderate Unreviewed
CVE-2025-36758 was published Sep 10, 2025
Fides Webserver API Rate Limiting Vulnerability in Proxied Environments Moderate
CVE-2025-57816 was published for ethyca-fides (pip) Sep 8, 2025
daveqnet eastandwestwind
erosselli
A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing... Moderate Unreviewed
CVE-2025-9004 was published Aug 15, 2025
A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown... Moderate Unreviewed
CVE-2025-8927 was published Aug 13, 2025
A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by... Moderate Unreviewed
CVE-2025-8742 was published Aug 9, 2025
OpenBao Login MFA Bypass of Rate Limiting and TOTP Token Reuse Moderate
CVE-2025-55003 was published for github.com/openbao/openbao (Go) Aug 8, 2025
OpenBao Userpass and LDAP User Lockout Bypass Moderate
CVE-2025-54998 was published for github.com/openbao/openbao (Go) Aug 8, 2025
Hashicorp Vault has Login MFA Rate Limit Bypass Vulnerability Moderate
CVE-2025-6015 was published for github.com/hashicorp/vault (Go) Aug 1, 2025
Hashicorp Vault has Lockout Feature Authentication Bypass Moderate
CVE-2025-6004 was published for github.com/hashicorp/vault (Go) Aug 1, 2025
OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows attackers to bypass account... Moderate Unreviewed
CVE-2025-54833 was published Jul 31, 2025
Grandstream Networks UCM6510 v1.0.20.52 and before is vulnerable to Improper Restriction of... Moderate Unreviewed
CVE-2025-28172 was published Jul 29, 2025
Eclipse GlassFish is vulnerable to Login Brute Force attacks through unlimited failed login attempts Moderate
CVE-2024-9342 was published for org.glassfish.main.admingui:console-common (Maven) Jul 16, 2025
File Browser vulnerable to insecure password handling Moderate
CVE-2025-52997 was published for github.com/filebrowser/filebrowser (Go) Jun 30, 2025
mtausig hacdias
Weblate lacks rate limiting when verifying second factor Moderate
CVE-2025-47951 was published for weblate (pip) Jun 16, 2025
nijel obscuredeer
amCap1712
The FTP server’s login mechanism does not restrict authentication attempts, allowing an attacker... Moderate Unreviewed
CVE-2025-49195 was published Jun 12, 2025
The product does not implement sufficient measures to prevent multiple failed authentication... Moderate Unreviewed
CVE-2025-49186 was published Jun 12, 2025
A vulnerability was found in Tenda TDSEE App up to 1.7.12. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-5864 was published Jun 9, 2025
An issue in the userId parameter in the change password function of Flytxt NEON-dX v0.0.1... Moderate Unreviewed
CVE-2023-34732 was published May 12, 2025
A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco... Moderate Unreviewed
CVE-2025-20196 was published May 7, 2025
A vulnerability classified as problematic was found in ScriptAndTools eCommerce-website-in-PHP 3... Moderate Unreviewed
CVE-2025-3556 was published Apr 14, 2025
A vulnerability classified as problematic has been found in ScriptAndTools eCommerce-website-in... Moderate Unreviewed
CVE-2025-3555 was published Apr 14, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Access code... Moderate Unreviewed
CVE-2025-3129 was published Apr 3, 2025
Unauthorised access to the call forwarding service system in MeetMe products in versions prior to... Moderate Unreviewed
CVE-2025-2911 was published Mar 28, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot... Moderate Unreviewed
CVE-2025-1496 was published Mar 20, 2025
A vulnerability was found in Excitel Broadband Private my Excitel App 3.13.0 on Android. It has... Moderate Unreviewed
CVE-2025-1629 was published Feb 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database