Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

101 advisories

Loading
Vulnerability of brute-force attacks on the device authentication module.Successful exploitation... High Unreviewed
CVE-2023-44096 was published Oct 11, 2023
Vulnerability of brute-force attacks on the device authentication module.Successful exploitation... High Unreviewed
CVE-2023-44111 was published Oct 11, 2023
Improper Restriction of Excessive Authentication Attempts in RDT400 in SICK APU allows an... High Unreviewed
CVE-2023-43699 was published Oct 9, 2023
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) uses an... High Unreviewed
CVE-2023-26271 was published Aug 28, 2023
IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to... High Unreviewed
CVE-2022-43904 was published Aug 28, 2023
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force... High Unreviewed
CVE-2023-32657 was published Jul 20, 2023
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and... High Unreviewed
CVE-2023-29301 was published Jul 12, 2023
SAP BusinessObjects Business Intelligence Platform - version 420, 430, allows an unauthorized... High Unreviewed
CVE-2023-36917 was published Jul 11, 2023
Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a... High Unreviewed
CVE-2023-35697 was published Jul 10, 2023
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists... High Unreviewed
CVE-2022-43377 was published Jul 6, 2023
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet... High Unreviewed
CVE-2022-43947 was published Jul 6, 2023
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an inadequate account lockout setting... High Unreviewed
CVE-2022-32757 was published Jun 15, 2023
An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0... High Unreviewed
CVE-2022-42478 was published Jun 13, 2023
An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute... High Unreviewed
CVE-2023-23755 was published May 30, 2023
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. High Unreviewed
CVE-2023-26756 was published Apr 14, 2023
Flask-AppBuilder Has No Rate Limiting on Login AUTH DB High
CVE-2023-29005 was published for Flask-AppBuilder (pip) Apr 10, 2023
XWiki Platform packages Expose Sensitive Information to an Unauthorized Actor High
CVE-2023-26476 was published for org.xwiki.platform:xwiki-platform-livetable-ui (Maven) Mar 3, 2023
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an... High Unreviewed
CVE-2023-1101 was published Mar 3, 2023
Improper Restriction of Excessive Authentication Attempts in modoboa High
CVE-2023-0860 was published for modoboa (pip) Feb 16, 2023
No protection against brute-force attacks on login page High
CVE-2023-25156 was published for kiwitcms (pip) Feb 15, 2023
Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. High Unreviewed
CVE-2023-22960 was published Jan 23, 2023
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced.... High Unreviewed
CVE-2021-27782 was published Jan 20, 2023
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. Part of the application... High Unreviewed
CVE-2022-38491 was published Jan 10, 2023
Weak password derivation for export in Devolutions Remote Desktop Manager before 2022.1 allows... High Unreviewed
CVE-2022-26964 was published Dec 26, 2022
Planet eStream before 6.72.10.07 allows a low-privileged user to gain access to administrative... High Unreviewed
CVE-2022-45893 was published Dec 25, 2022
ProTip! Advisories are also available from the GraphQL API