Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

112 advisories

Loading
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers to access... Critical Unreviewed
CVE-2021-28909 was published May 24, 2022
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have has no account lockout... Critical Unreviewed
CVE-2021-38474 was published May 24, 2022
Improper restriction of excessive authentication attempts vulnerability in QSAN Storage Manager,... Critical Unreviewed
CVE-2021-32522 was published May 24, 2022
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC... Critical Unreviewed
CVE-2020-28212 was published May 24, 2022
A vulnerability classified as critical was found in Telecommunication Software SAMwin Contact... Critical Unreviewed
CVE-2013-10004 was published May 25, 2022
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that... Critical Unreviewed
CVE-2022-30235 was published Jun 3, 2022
Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict... Critical Unreviewed
CVE-2022-29084 was published Jun 3, 2022
An issue in TopIDP3000 Topsec Operating System tos_3.3.005.665b.15_smpidp allows attackers to... Critical Unreviewed
CVE-2022-31273 was published Jun 15, 2022
Improper Restriction of Excessive Authentication Attempts Critical
CVE-2022-2321 was published for github.com/heroiclabs/nakama/v3 (Go) Jul 6, 2022
Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts... Critical Unreviewed
CVE-2022-31234 was published Jul 22, 2022
An attacker can decrypt the Ovarro TBox login password by communication capture and brute force... Critical Unreviewed
CVE-2021-22640 was published Jul 29, 2022
Zammad 5.2.0 is vulnerable to privilege escalation. Zammad has a prevention against brute-force... Critical Unreviewed
CVE-2022-35490 was published Aug 9, 2022
A flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a... Critical Unreviewed
CVE-2022-2457 was published Aug 11, 2022
WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the... Critical Unreviewed
CVE-2022-33106 was published Oct 12, 2022
Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability. A remote... Critical Unreviewed
CVE-2022-31228 was published Oct 13, 2022
An issue in GX Group GPON ONT Titanium 2122A T2122-V1.26EXL allows attackers to escalate... Critical Unreviewed
CVE-2022-40055 was published Oct 17, 2022
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in... Critical Unreviewed
CVE-2022-35846 was published Oct 18, 2022
Impact varies for each individual vulnerability in the application. For generation of accounts,... Critical Unreviewed
CVE-2022-3741 was published Oct 28, 2022
User login brute force protection functionality bypass Critical Unreviewed
CVE-2022-27516 was published Nov 9, 2022
Authentication Bypass by Primary Weakness in GitHub repository kareadita/kavita prior to 0.6.0.3. Critical Unreviewed
CVE-2022-3993 was published Nov 14, 2022
Improper Restriction of Excessive Authentication Attempts in GitHub repository mastodon/mastodon... Critical Unreviewed
CVE-2022-2166 was published Nov 16, 2022
wger vulnerable to brute force attempts Critical
CVE-2022-2650 was published for wger (pip) Nov 24, 2022
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass the brute force protection... Critical Unreviewed
CVE-2023-24020 was published Jan 31, 2023
Server-Side Request Forgery (SSRF), Improperly Controlled Modification of Dynamically-Determined... Critical Unreviewed
CVE-2023-0574 was published Feb 9, 2023
A lack of rate limiting on the password reset endpoint of Chamberlain myQ v5.222.0.32277 (on iOS)... Critical Unreviewed
CVE-2023-24080 was published Feb 22, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database