Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

263 advisories

Loading
Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha... Moderate Unreviewed
CVE-2023-48745 was published Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP... Moderate Unreviewed
CVE-2023-44235 was published Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive... Moderate Unreviewed
CVE-2023-45009 was published Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins – WordPress... Moderate Unreviewed
CVE-2023-34001 was published Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force... Moderate Unreviewed
CVE-2023-23730 was published Jun 4, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid... Moderate Unreviewed
CVE-2024-32774 was published May 17, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment... Moderate Unreviewed
CVE-2024-32720 was published May 17, 2024
KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which... Moderate Unreviewed
CVE-2024-3461 was published May 14, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress... Moderate Unreviewed
CVE-2024-32676 was published Apr 25, 2024
Improper restriction of excessive authentication attempts on some authentication methods in... Moderate Unreviewed
CVE-2024-28825 was published Apr 24, 2024
An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks... Moderate Unreviewed
CVE-2024-30390 was published Apr 12, 2024
A vulnerability, which was classified as problematic, has been found in codelyfe Stupid Simple... Low Unreviewed
CVE-2024-3202 was published Apr 3, 2024
CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that... Critical Unreviewed
CVE-2024-2051 was published Mar 18, 2024
An unauthenticated remote attacker can bypass the brute force prevention mechanism and disturb... High Unreviewed
CVE-2024-1104 was published Feb 22, 2024
Dell RecoverPoint for Virtual Machines 5.3.x contains a brute force/dictionary attack... Moderate Unreviewed
CVE-2024-22425 was published Feb 16, 2024
IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 uses an inadequate account lockout setting... High Unreviewed
CVE-2023-45191 was published Feb 9, 2024
IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection,... Moderate Unreviewed
CVE-2023-45190 was published Feb 9, 2024
IBM Cloud Pak System 2.3.1.1, 2.3.2.0, and 2.3.3.7 uses an inadequate account lockout setting... High Unreviewed
CVE-2023-38273 was published Feb 2, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a... High Unreviewed
CVE-2023-50326 was published Feb 2, 2024
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts,... Critical Unreviewed
CVE-2023-33759 was published Jan 25, 2024
The Omron FINS protocol has an authenticated feature to prevent access to memory regions.... High Unreviewed
CVE-2022-45790 was published Jan 22, 2024
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow... Critical Unreviewed
CVE-2024-22317 was published Jan 18, 2024
The number of attempts to bring the Hozard Alarm system (alarmsystemen) v1.0 to a disarmed state... High Unreviewed
CVE-2023-50123 was published Jan 11, 2024
Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an... High Unreviewed
CVE-2023-6912 was published Dec 20, 2023
Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows... Critical Unreviewed
CVE-2023-27172 was published Dec 20, 2023
ProTip! Advisories are also available from the GraphQL API