GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
106 advisories
Filter by severity
A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000,...
Critical
Unreviewed
CVE-2021-41435
was published
Nov 20, 2021
Missing Rate Limiting in Web Applications operating on Business-DNA Solutions GmbH’s TopEase®...
Critical
Unreviewed
CVE-2021-42544
was published
Dec 1, 2021
Due to insufficient server-side login-attempt limit enforcement, a vulnerability in /account...
Critical
Unreviewed
CVE-2021-37934
was published
Dec 11, 2021
An issue in the user login box of CSCMS v4.0 allows attackers to hijack user accounts via brute...
Critical
Unreviewed
CVE-2020-21238
was published
Dec 29, 2021
An issue in the user login box of LJCMS v1.11 allows attackers to hijack user accounts via brute...
Critical
Unreviewed
CVE-2020-21237
was published
Dec 29, 2021
Lack of rate limiting in M-Files Server and M-Files Web products with versions before 21.12.10873...
Critical
Unreviewed
CVE-2021-41807
was published
Jan 19, 2022
Dell EMC AppSync versions 3.9 to 4.3 contain an Improper Restriction of Excessive Authentication...
Critical
Unreviewed
CVE-2022-22553
was published
Jan 22, 2022
The code that performs password matching when using 'Basic' HTTP authentication does not use a...
Critical
Unreviewed
CVE-2021-43298
was published
Jan 26, 2022
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that...
Critical
Unreviewed
CVE-2022-22810
was published
Feb 11, 2022
A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3...
Critical
Unreviewed
CVE-2022-26314
was published
Mar 9, 2022
Various rest resources in Fisheye and Crucible before version 4.8.9 allowed remote attackers to...
Critical
Unreviewed
CVE-2021-43958
was published
Mar 17, 2022
Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive...
Critical
Unreviewed
CVE-2022-22561
was published
Apr 13, 2022
The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for...
Critical
Unreviewed
CVE-2013-4441
was published
May 5, 2022
Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication...
Critical
Unreviewed
CVE-2019-6524
was published
May 13, 2022
index.php?r=site%2Flogin in EduSec through 4.2.6 does not restrict sending a series of LoginForm...
Critical
Unreviewed
CVE-2018-19548
was published
May 13, 2022
An issue was discovered in /cgi-bin/luci on Teltonika RTU9XX (e.g., RUT950) R_31.04.89 before...
Critical
Unreviewed
CVE-2018-19879
was published
May 13, 2022
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Belden...
Critical
Unreviewed
CVE-2018-5469
was published
May 13, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses an inadequate account lockout...
Critical
Unreviewed
CVE-2018-1373
was published
May 13, 2022
Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method...
Critical
Unreviewed
CVE-2018-15759
was published
May 13, 2022
Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior...
Critical
Unreviewed
CVE-2018-11082
was published
May 13, 2022
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Moxa OnCell...
Critical
Unreviewed
CVE-2017-7915
was published
May 13, 2022
An improper restriction of excessive authentication attempts vulnerability in /principals in...
Critical
Unreviewed
CVE-2017-15887
was published
May 13, 2022
phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in...
Critical
Unreviewed
CVE-2017-11187
was published
May 13, 2022
IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could...
Critical
Unreviewed
CVE-2017-1197
was published
May 13, 2022
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell...
Critical
Unreviewed
CVE-2017-7898
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API