Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

303 advisories

Loading
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that... Critical Unreviewed
CVE-2022-32515 was published Jul 6, 2023
D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication... Critical Unreviewed
CVE-2023-32224 was published Jun 28, 2023
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an inadequate account lockout setting... High Unreviewed
CVE-2022-32757 was published Jun 15, 2023
An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0... High Unreviewed
CVE-2022-42478 was published Jun 13, 2023
The captive portal in Inpiazza Cloud WiFi versions prior to v4.2.17 does not enforce limits on... Moderate Unreviewed
CVE-2023-33754 was published Jun 1, 2023
An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute... High Unreviewed
CVE-2023-23755 was published May 30, 2023
BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase... Critical Unreviewed
CVE-2023-27746 was published Apr 13, 2023
Royal TS before 5 has a 0.0.0.0 listener, which makes it easier for attackers to bypass tunnel... High Unreviewed
CVE-2020-13872 was published May 24, 2022
AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force... Critical Unreviewed
CVE-2019-12941 was published May 24, 2022
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection... Critical Unreviewed
CVE-2019-17240 was published May 24, 2022
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05... Critical Unreviewed
CVE-2019-17215 was published May 24, 2022
Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive... Critical Unreviewed
CVE-2019-3766 was published May 24, 2022
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 do not limit the number of... High Unreviewed
CVE-2019-3746 was published May 24, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1).... Critical Unreviewed
CVE-2019-13918 was published May 24, 2022
The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an... High Unreviewed
CVE-2019-14951 was published May 24, 2022
There is an information disclosure vulnerability on Mate 9 Pro Huawei smartphones versions... Moderate Unreviewed
CVE-2019-5217 was published May 24, 2022
The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for... Critical Unreviewed
CVE-2013-4441 was published May 5, 2022
Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness High Unreviewed
CVE-2013-2257 was published May 5, 2022
A vulnerability, which was classified as problematic, has been found in codelyfe Stupid Simple... Low Unreviewed
CVE-2024-3202 was published Apr 3, 2024
Bypassing Brute Force Protection via Application Crash and In-Memory Data Loss Moderate
CVE-2024-21652 was published for github.com/argoproj/argo-cd/v2 (Go) Mar 18, 2024
nadava669 pasha-codefresh
jannfis crenshaw-dev todaywasawesome
Bypassing Rate Limit and Brute Force Protection Using Cache Overflow Moderate
CVE-2024-21662 was published for github.com/argoproj/argo-cd/v2 (Go) Mar 18, 2024
nadava669 pasha-codefresh
crenshaw-dev todaywasawesome jannfis
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by... High Unreviewed
CVE-2021-28248 was published May 24, 2022
Devise-Two-Factor vulnerable to brute force attacks Moderate
CVE-2024-0227 was published for devise-two-factor (RubyGems) Jan 12, 2024 withdrawn
bsedat
CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that... Critical Unreviewed
CVE-2024-2051 was published Mar 18, 2024
OpenCart v4.0.2.2 is vulnerable to Brute Force Attack. Critical Unreviewed
CVE-2023-40834 was published Sep 12, 2023
ProTip! Advisories are also available from the GraphQL API