GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+
287 advisories
Filter by severity
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated...
High
Unreviewed
CVE-2024-38176
was published
Jul 24, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High
Unreviewed
CVE-2024-39874
was published
Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High
Unreviewed
CVE-2024-39873
was published
Jul 9, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout...
Moderate
Unreviewed
CVE-2024-25031
was published
Jun 29, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc....
High
Unreviewed
CVE-2024-5862
was published
Jun 24, 2024
A vulnerability exists in the FOXMAN-UN/UNEM server / APIGateway that
if exploited allows a...
Moderate
Unreviewed
CVE-2024-28022
was published
Jun 11, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form...
Moderate
Unreviewed
CVE-2024-35747
was published
Jun 10, 2024
ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass
Moderate
CVE-2024-32868
was published
for
github.com/zitadel/zitadel
(Go)
Apr 25, 2024
Improper restriction of excessive authentication attempts with two factor authentication methods...
Moderate
Unreviewed
CVE-2024-28833
was published
Jun 10, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Nitin Rathod WP Forms...
Moderate
Unreviewed
CVE-2023-48276
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in 10Web Form Builder...
Moderate
Unreviewed
CVE-2023-48290
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Contact...
Moderate
Unreviewed
CVE-2023-48318
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha...
Moderate
Unreviewed
CVE-2023-48745
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP...
Moderate
Unreviewed
CVE-2023-44235
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive...
Moderate
Unreviewed
CVE-2023-45009
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins – WordPress...
Moderate
Unreviewed
CVE-2023-34001
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force...
Moderate
Unreviewed
CVE-2023-23730
was published
Jun 4, 2024
Silverstripe Brute force bypass on default admin
Critical
GHSA-8v6m-7f5v-hhx6
was published
for
silverstripe/framework
(Composer)
May 23, 2024
OATHAuth extension in MediaWiki is not implementing rate limit
High
CVE-2020-25827
was published
for
mediawiki/core
(Composer)
May 24, 2022
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment...
Moderate
Unreviewed
CVE-2024-32720
was published
May 17, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid...
Moderate
Unreviewed
CVE-2024-32774
was published
May 17, 2024
eZ Platform Admin UI Password reset vulnerability
High
GHSA-hfpp-2vhw-qq43
was published
for
ezsystems/ezplatform-user
(Composer)
May 15, 2024
eZ Platform Password reset vulnerability
High
GHSA-cg84-55jx-4237
was published
for
ezsystems/ezplatform-admin-ui
(Composer)
May 15, 2024
KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which...
Moderate
Unreviewed
CVE-2024-3461
was published
May 14, 2024
OpenStack Keystone allows information disclosure during account locking
High
CVE-2021-38155
was published
for
keystone
(pip)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API