GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
263 advisories
Filter by severity
IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to...
High
Unreviewed
CVE-2022-43904
was published
Aug 28, 2023
There is no limit on the number of login attempts in the web server for the SNAP PAC S1 Firmware...
Critical
Unreviewed
CVE-2023-40706
was published
Aug 24, 2023
Microsoft Exchange Server Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2023-21709
was published
Aug 8, 2023
A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local...
Low
Unreviewed
CVE-2023-3669
was published
Aug 3, 2023
An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting...
Critical
Unreviewed
CVE-2023-3548
was published
Jul 25, 2023
Weintek Weincloud v0.13.6
could allow an attacker to efficiently develop a brute force...
High
Unreviewed
CVE-2023-32657
was published
Jul 20, 2023
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and...
High
Unreviewed
CVE-2023-29301
was published
Jul 12, 2023
SAP BusinessObjects Business Intelligence Platform - version 420, 430, allows an unauthorized...
High
Unreviewed
CVE-2023-36917
was published
Jul 11, 2023
A vulnerability was found in PHPGurukul Online Shopping Portal 1.0. It has been declared as...
Moderate
Unreviewed
CVE-2023-3605
was published
Jul 10, 2023
Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4
could allow a...
High
Unreviewed
CVE-2023-35697
was published
Jul 10, 2023
The number of login attempts is not limited. This could allow an attacker to perform a brute...
Critical
Unreviewed
CVE-2023-33868
was published
Jul 7, 2023
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists...
High
Unreviewed
CVE-2022-43377
was published
Jul 6, 2023
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet...
High
Unreviewed
CVE-2022-43947
was published
Jul 6, 2023
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that...
Critical
Unreviewed
CVE-2022-32515
was published
Jul 6, 2023
D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication...
Critical
Unreviewed
CVE-2023-32224
was published
Jun 28, 2023
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an inadequate account lockout setting...
High
Unreviewed
CVE-2022-32757
was published
Jun 15, 2023
An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0...
High
Unreviewed
CVE-2022-42478
was published
Jun 13, 2023
The captive portal in Inpiazza Cloud WiFi versions prior to v4.2.17 does not enforce limits on...
Moderate
Unreviewed
CVE-2023-33754
was published
Jun 1, 2023
An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute...
High
Unreviewed
CVE-2023-23755
was published
May 30, 2023
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks.
High
Unreviewed
CVE-2023-26756
was published
Apr 14, 2023
BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase...
Critical
Unreviewed
CVE-2023-27746
was published
Apr 13, 2023
Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake...
Critical
Unreviewed
CVE-2023-1665
was published
Mar 28, 2023
Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that...
Critical
Unreviewed
CVE-2022-36413
was published
Mar 23, 2023
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate...
Critical
Unreviewed
CVE-2023-27100
was published
Mar 23, 2023
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet...
Moderate
Unreviewed
CVE-2023-26208
was published
Mar 9, 2023
ProTip!
Advisories are also available from the
GraphQL API