Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

263 advisories

Loading
EuroTel ETL3100 versions v01c01 and v01x37 does not limit the number of attempts to guess... Critical Unreviewed
CVE-2023-6928 was published Dec 20, 2023
The Theme My Login 2FA WordPress plugin before 1.2 does not rate limit 2FA validation attempts,... Critical Unreviewed
CVE-2023-6272 was published Dec 18, 2023
By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI... High Unreviewed
CVE-2023-50444 was published Dec 13, 2023
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been classified as problematic.... Moderate Unreviewed
CVE-2023-6756 was published Dec 13, 2023
DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and... Critical Unreviewed
CVE-2023-49443 was published Dec 8, 2023
Improper Restriction of Excessive Authentication Attempts vulnerability in Be Devious Web... Critical Unreviewed
CVE-2023-35039 was published Dec 7, 2023
A client side rate limit issue discovered in Connectize AC21000 G6 641.139.1.1256 allows... Critical Unreviewed
CVE-2023-24051 was published Dec 5, 2023
kodbox 1.46.01 has a security flaw that enables user enumeration. This problem is present on the... Critical Unreviewed
CVE-2023-48028 was published Nov 18, 2023
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiMail... Moderate Unreviewed
CVE-2023-45582 was published Nov 14, 2023
The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute... Moderate Unreviewed
CVE-2023-42480 was published Nov 14, 2023
Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake... Critical Unreviewed
CVE-2023-2675 was published Nov 13, 2023
Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Smart TV... Low Unreviewed
CVE-2023-41270 was published Nov 8, 2023
Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishi Electric... Moderate Unreviewed
CVE-2023-4625 was published Nov 6, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient measures to prevent multiple... High Unreviewed
CVE-2023-41350 was published Nov 3, 2023
A lack of rate limiting in Elenos ETG150 FM transmitter v3.12 allows attackers to obtain user... High Unreviewed
CVE-2023-37832 was published Oct 31, 2023
Sielco PolyEco1000 uses a weak set of default administrative credentials that can be easily... Critical Unreviewed
CVE-2023-5754 was published Oct 26, 2023
The cookie session ID is of insufficient length and can be exploited by brute force, which may... Critical Unreviewed
CVE-2023-42769 was published Oct 26, 2023
UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks... Unknown Unreviewed
CVE-2023-37635 was published Oct 23, 2023
DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to... Critical Unreviewed
CVE-2023-27152 was published Oct 23, 2023
The TETRA TEA1 keystream generator implements a key register initialization function that... High Unreviewed
CVE-2022-24402 was published Oct 19, 2023
Vulnerability of brute-force attacks on the device authentication module.Successful exploitation... High Unreviewed
CVE-2023-44096 was published Oct 11, 2023
Vulnerability of brute-force attacks on the device authentication module.Successful exploitation... High Unreviewed
CVE-2023-44111 was published Oct 11, 2023
Improper Restriction of Excessive Authentication Attempts in RDT400 in SICK APU allows an... High Unreviewed
CVE-2023-43699 was published Oct 9, 2023
OpenCart v4.0.2.2 is vulnerable to Brute Force Attack. Critical Unreviewed
CVE-2023-40834 was published Sep 12, 2023
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) uses an... High Unreviewed
CVE-2023-26271 was published Aug 28, 2023
ProTip! Advisories are also available from the GraphQL API