GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
105 advisories
Filter by severity
Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of...
High
Unreviewed
CVE-2024-49597
was published
Nov 26, 2024
Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows...
High
Unreviewed
CVE-2024-5716
was published
Nov 22, 2024
ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass
High
CVE-2024-32868
was published
for
github.com/zitadel/zitadel
(Go)
Apr 25, 2024
Improper Restriction of Excessive Authentication Attempts in py-bcrypt
High
CVE-2013-1895
was published
for
py-bcrypt
(pip)
Oct 12, 2021
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential...
High
Unreviewed
CVE-2024-7292
was published
Oct 9, 2024
A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout...
High
Unreviewed
CVE-2021-22530
was published
Aug 28, 2024
An improper authorization vulnerability [CWE-285] in FortiSOAR version 7.4.0 through 7.4.3, 7.3.0...
High
Unreviewed
CVE-2024-45327
was published
Sep 11, 2024
Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an...
High
Unreviewed
CVE-2023-6912
was published
Dec 20, 2023
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
High
Unreviewed
CVE-2024-39398
was published
Aug 14, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
High
Unreviewed
CVE-2024-41904
was published
Aug 13, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High
Unreviewed
CVE-2024-39873
was published
Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High
Unreviewed
CVE-2024-39874
was published
Jul 9, 2024
Improper Restriction of Excessive Authentication Attempts in Argo API
High
CVE-2020-8827
was published
for
github.com/argoproj/argo-cd
(Go)
Jul 26, 2021
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
High
Unreviewed
CVE-2024-38888
was published
Aug 2, 2024
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated...
High
Unreviewed
CVE-2024-38176
was published
Jul 24, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc....
High
Unreviewed
CVE-2024-5862
was published
Jun 24, 2024
OATHAuth extension in MediaWiki is not implementing rate limit
High
CVE-2020-25827
was published
for
mediawiki/core
(Composer)
May 24, 2022
eZ Platform Admin UI Password reset vulnerability
High
GHSA-hfpp-2vhw-qq43
was published
for
ezsystems/ezplatform-user
(Composer)
May 15, 2024
eZ Platform Password reset vulnerability
High
GHSA-cg84-55jx-4237
was published
for
ezsystems/ezplatform-admin-ui
(Composer)
May 15, 2024
OpenStack Keystone allows information disclosure during account locking
High
CVE-2021-38155
was published
for
keystone
(pip)
May 24, 2022
SaltStack RSA Key Generation allows remote users to decrypt communications
High
CVE-2013-2228
was published
for
salt
(pip)
May 5, 2022
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks.
High
Unreviewed
CVE-2023-26756
was published
Apr 14, 2023
CasaOS Improper Restriction of Excessive Authentication Attempts vulnerability
High
CVE-2024-24767
was published
for
github.com/IceWhaleTech/CasaOS-UserService
(Go)
Mar 6, 2024
The TETRA TEA1 keystream generator implements a key register initialization function that...
High
Unreviewed
CVE-2022-24402
was published
Oct 19, 2023
Vulnerability of brute-force attacks on the device authentication module.Successful exploitation...
High
Unreviewed
CVE-2023-44111
was published
Oct 11, 2023
ProTip!
Advisories are also available from the
GraphQL API