Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+

287 advisories

Loading
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated... High Unreviewed
CVE-2024-38176 was published Jul 24, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39874 was published Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39873 was published Jul 9, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout... Moderate Unreviewed
CVE-2024-25031 was published Jun 29, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc.... High Unreviewed
CVE-2024-5862 was published Jun 24, 2024
A vulnerability exists in the FOXMAN-UN/UNEM server / APIGateway that if exploited allows a... Moderate Unreviewed
CVE-2024-28022 was published Jun 11, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form... Moderate Unreviewed
CVE-2024-35747 was published Jun 10, 2024
ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass Moderate
CVE-2024-32868 was published for github.com/zitadel/zitadel (Go) Apr 25, 2024
livio-a Skelmis
itz-d0dgy amit-laish muhlemmer peintnermax
Improper restriction of excessive authentication attempts with two factor authentication methods... Moderate Unreviewed
CVE-2024-28833 was published Jun 10, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Nitin Rathod WP Forms... Moderate Unreviewed
CVE-2023-48276 was published Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in 10Web Form Builder... Moderate Unreviewed
CVE-2023-48290 was published Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Contact... Moderate Unreviewed
CVE-2023-48318 was published Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha... Moderate Unreviewed
CVE-2023-48745 was published Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP... Moderate Unreviewed
CVE-2023-44235 was published Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive... Moderate Unreviewed
CVE-2023-45009 was published Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins – WordPress... Moderate Unreviewed
CVE-2023-34001 was published Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force... Moderate Unreviewed
CVE-2023-23730 was published Jun 4, 2024
Silverstripe Brute force bypass on default admin Critical
GHSA-8v6m-7f5v-hhx6 was published for silverstripe/framework (Composer) May 23, 2024
OATHAuth extension in MediaWiki is not implementing rate limit High
CVE-2020-25827 was published for mediawiki/core (Composer) May 24, 2022
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment... Moderate Unreviewed
CVE-2024-32720 was published May 17, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid... Moderate Unreviewed
CVE-2024-32774 was published May 17, 2024
eZ Platform Admin UI Password reset vulnerability High
GHSA-hfpp-2vhw-qq43 was published for ezsystems/ezplatform-user (Composer) May 15, 2024
eZ Platform Password reset vulnerability High
GHSA-cg84-55jx-4237 was published for ezsystems/ezplatform-admin-ui (Composer) May 15, 2024
KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which... Moderate Unreviewed
CVE-2024-3461 was published May 14, 2024
OpenStack Keystone allows information disclosure during account locking High
CVE-2021-38155 was published for keystone (pip) May 24, 2022
ProTip! Advisories are also available from the GraphQL API