GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
263 advisories
Filter by severity
Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha...
Moderate
Unreviewed
CVE-2023-48745
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP...
Moderate
Unreviewed
CVE-2023-44235
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive...
Moderate
Unreviewed
CVE-2023-45009
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins – WordPress...
Moderate
Unreviewed
CVE-2023-34001
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force...
Moderate
Unreviewed
CVE-2023-23730
was published
Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid...
Moderate
Unreviewed
CVE-2024-32774
was published
May 17, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment...
Moderate
Unreviewed
CVE-2024-32720
was published
May 17, 2024
KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which...
Moderate
Unreviewed
CVE-2024-3461
was published
May 14, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress...
Moderate
Unreviewed
CVE-2024-32676
was published
Apr 25, 2024
Improper restriction of excessive authentication attempts on some authentication methods in...
Moderate
Unreviewed
CVE-2024-28825
was published
Apr 24, 2024
An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks...
Moderate
Unreviewed
CVE-2024-30390
was published
Apr 12, 2024
A vulnerability, which was classified as problematic, has been found in codelyfe Stupid Simple...
Low
Unreviewed
CVE-2024-3202
was published
Apr 3, 2024
CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that...
Critical
Unreviewed
CVE-2024-2051
was published
Mar 18, 2024
An unauthenticated remote attacker can bypass the brute force prevention mechanism and disturb...
High
Unreviewed
CVE-2024-1104
was published
Feb 22, 2024
Dell RecoverPoint for Virtual Machines 5.3.x contains a brute force/dictionary attack...
Moderate
Unreviewed
CVE-2024-22425
was published
Feb 16, 2024
IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 uses an inadequate account lockout setting...
High
Unreviewed
CVE-2023-45191
was published
Feb 9, 2024
IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection,...
Moderate
Unreviewed
CVE-2023-45190
was published
Feb 9, 2024
IBM Cloud Pak System 2.3.1.1, 2.3.2.0, and 2.3.3.7 uses an inadequate account lockout setting...
High
Unreviewed
CVE-2023-38273
was published
Feb 2, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a...
High
Unreviewed
CVE-2023-50326
was published
Feb 2, 2024
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts,...
Critical
Unreviewed
CVE-2023-33759
was published
Jan 25, 2024
The Omron FINS protocol has an authenticated feature to prevent access to memory regions....
High
Unreviewed
CVE-2022-45790
was published
Jan 22, 2024
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow...
Critical
Unreviewed
CVE-2024-22317
was published
Jan 18, 2024
The number of attempts to bring the Hozard Alarm system (alarmsystemen) v1.0 to a disarmed state...
High
Unreviewed
CVE-2023-50123
was published
Jan 11, 2024
Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an...
High
Unreviewed
CVE-2023-6912
was published
Dec 20, 2023
Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows...
Critical
Unreviewed
CVE-2023-27172
was published
Dec 20, 2023
ProTip!
Advisories are also available from the
GraphQL API