GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
284 advisories
Filter by severity
CasaOS Improper Restriction of Excessive Authentication Attempts vulnerability
High
CVE-2024-24767
was published
for
github.com/IceWhaleTech/CasaOS-UserService
(Go)
Mar 6, 2024
A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings...
Moderate
Unreviewed
CVE-2021-1311
was published
May 24, 2022
A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS)...
Moderate
Unreviewed
CVE-2019-1126
was published
May 24, 2022
An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks...
Moderate
Unreviewed
CVE-2024-30390
was published
Apr 12, 2024
Improper restriction of excessive authentication attempts on some authentication methods in...
Moderate
Unreviewed
CVE-2024-28825
was published
Apr 24, 2024
Dolibarr Improper Restriction of Excessive Authentication Attempts
Critical
CVE-2020-7995
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2022
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks.
High
Unreviewed
CVE-2023-26756
was published
Apr 14, 2023
Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress...
Moderate
Unreviewed
CVE-2024-32676
was published
Apr 25, 2024
Lin-CMS-Flask vulnerable to Improper Authentication
Critical
CVE-2020-18698
was published
for
Lin-CMS
(pip)
May 24, 2022
PwnDoc through 0.5.3 might allow remote attackers to identify valid user account names by...
Moderate
Unreviewed
CVE-2022-44022
was published
Oct 30, 2022
PwnDoc through 0.5.3 might allow remote attackers to identify disabled user account names by...
Moderate
Unreviewed
CVE-2022-44023
was published
Oct 30, 2022
SaltStack RSA Key Generation allows remote users to decrypt communications
High
CVE-2013-2228
was published
for
salt
(pip)
May 5, 2022
OpenStack Keystone allows information disclosure during account locking
High
CVE-2021-38155
was published
for
keystone
(pip)
May 24, 2022
KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which...
Moderate
Unreviewed
CVE-2024-3461
was published
May 14, 2024
eZ Platform Password reset vulnerability
High
GHSA-cg84-55jx-4237
was published
for
ezsystems/ezplatform-admin-ui
(Composer)
May 15, 2024
eZ Platform Admin UI Password reset vulnerability
High
GHSA-hfpp-2vhw-qq43
was published
for
ezsystems/ezplatform-user
(Composer)
May 15, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid...
Moderate
Unreviewed
CVE-2024-32774
was published
May 17, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment...
Moderate
Unreviewed
CVE-2024-32720
was published
May 17, 2024
OATHAuth extension in MediaWiki is not implementing rate limit
High
CVE-2020-25827
was published
for
mediawiki/core
(Composer)
May 24, 2022
Silverstripe Brute force bypass on default admin
Critical
GHSA-8v6m-7f5v-hhx6
was published
for
silverstripe/framework
(Composer)
May 23, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force...
Moderate
Unreviewed
CVE-2023-23730
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins – WordPress...
Moderate
Unreviewed
CVE-2023-34001
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP...
Moderate
Unreviewed
CVE-2023-44235
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive...
Moderate
Unreviewed
CVE-2023-45009
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha...
Moderate
Unreviewed
CVE-2023-48745
was published
Jun 4, 2024
ProTip!
Advisories are also available from the
GraphQL API