Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

389 advisories

Loading
Fides Webserver API Rate Limiting Vulnerability in Proxied Environments Moderate
CVE-2025-57816 was published for ethyca-fides (pip) Sep 8, 2025
daveqnet eastandwestwind
erosselli
Fides has a Lack of Brute-Force Protections on Authentication Endpoints Low
CVE-2025-57815 was published for ethyca-fides (pip) Sep 8, 2025
thabofletcher daveqnet
It is possible to bypass the clipping level of authentication attempts in SolaX Cloud through the... Moderate Unreviewed
CVE-2025-36758 was published Sep 10, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano... High Unreviewed
CVE-2025-2411 was published Sep 4, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft e-Mutabakat... High Unreviewed
CVE-2025-2417 was published Sep 4, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft LimonDesk... High Unreviewed
CVE-2025-2416 was published Sep 3, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft ProKuafor... High Unreviewed
CVE-2025-2413 was published Sep 2, 2025
Soosyze CMS's /user/login endpoint missing rate-limiting and lockout mechanisms High
CVE-2025-52392 was published for soosyze/soosyze (Composer) Aug 13, 2025
A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing... Moderate Unreviewed
CVE-2025-9004 was published Aug 15, 2025
A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown... Moderate Unreviewed
CVE-2025-8927 was published Aug 13, 2025
OpenBao Login MFA Bypass of Rate Limiting and TOTP Token Reuse Moderate
CVE-2025-55003 was published for github.com/openbao/openbao (Go) Aug 8, 2025
OpenBao Userpass and LDAP User Lockout Bypass Moderate
CVE-2025-54998 was published for github.com/openbao/openbao (Go) Aug 8, 2025
A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by... Moderate Unreviewed
CVE-2025-8742 was published Aug 9, 2025
The affected product does not limit the number of attempts for inputting the correct PIN for a... Critical Unreviewed
CVE-2025-46414 was published Aug 8, 2025
File Browser vulnerable to insecure password handling Moderate
CVE-2025-52997 was published for github.com/filebrowser/filebrowser (Go) Jun 30, 2025
mtausig hacdias
Hashicorp Vault has Login MFA Rate Limit Bypass Vulnerability Moderate
CVE-2025-6015 was published for github.com/hashicorp/vault (Go) Aug 1, 2025
Hashicorp Vault has Lockout Feature Authentication Bypass Moderate
CVE-2025-6004 was published for github.com/hashicorp/vault (Go) Aug 1, 2025
A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server... Low Unreviewed
CVE-2023-32251 was published Jul 31, 2025
OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows attackers to bypass account... Moderate Unreviewed
CVE-2025-54833 was published Jul 31, 2025
Grandstream Networks UCM6510 v1.0.20.52 and before is vulnerable to Improper Restriction of... Moderate Unreviewed
CVE-2025-28172 was published Jul 29, 2025
IBM Informix Dynamic Server 12.10 and 14.10 uses an inadequate account lockout setting that could... High Unreviewed
CVE-2024-49342 was published Jul 28, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Mail Login... Critical Unreviewed
CVE-2025-7393 was published Jul 21, 2025
A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been rated as... Low Unreviewed
CVE-2025-7882 was published Jul 20, 2025
Eclipse GlassFish is vulnerable to Login Brute Force attacks through unlimited failed login attempts Moderate
CVE-2024-9342 was published for org.glassfish.main.admingui:console-common (Maven) Jul 16, 2025
An improper restriction of excessive authentication attempts [CWE-307] in FortiClientEMS version... High Unreviewed
CVE-2024-23106 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database