Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

302 advisories

Loading
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet... High Unreviewed
CVE-2022-43947 was published Jul 6, 2023
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that... Critical Unreviewed
CVE-2022-32515 was published Jul 6, 2023
D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication... Critical Unreviewed
CVE-2023-32224 was published Jun 28, 2023
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an inadequate account lockout setting... High Unreviewed
CVE-2022-32757 was published Jun 15, 2023
An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0... High Unreviewed
CVE-2022-42478 was published Jun 13, 2023
Froxlor vulnerable to Improper Restriction of Excessive Authentication Attempts Critical
CVE-2023-3173 was published for froxlor/froxlor (Composer) Jun 9, 2023
The captive portal in Inpiazza Cloud WiFi versions prior to v4.2.17 does not enforce limits on... Moderate Unreviewed
CVE-2023-33754 was published Jun 1, 2023
An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute... High Unreviewed
CVE-2023-23755 was published May 30, 2023
AzuraCast missing brute force prevention Critical
CVE-2023-2531 was published for azuracast/azuracast (Composer) May 5, 2023
Improper Restriction of Excessive Authentication Attempts in calibreweb Moderate
CVE-2022-2525 was published for calibreweb (pip) Apr 15, 2023
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. High Unreviewed
CVE-2023-26756 was published Apr 14, 2023
BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase... Critical Unreviewed
CVE-2023-27746 was published Apr 13, 2023
Flask-AppBuilder Has No Rate Limiting on Login AUTH DB High
CVE-2023-29005 was published for Flask-AppBuilder (pip) Apr 10, 2023
Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake... Critical Unreviewed
CVE-2023-1665 was published Mar 28, 2023
Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that... Critical Unreviewed
CVE-2022-36413 was published Mar 23, 2023
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate... Critical Unreviewed
CVE-2023-27100 was published Mar 23, 2023
Answer has Guessable CAPTCHA Moderate
CVE-2023-1539 was published for github.com/answerdev/answer (Go) Mar 21, 2023
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet... Moderate Unreviewed
CVE-2023-26209 was published Mar 9, 2023
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet... Moderate Unreviewed
CVE-2023-26208 was published Mar 9, 2023
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet... Moderate Unreviewed
CVE-2022-29056 was published Mar 9, 2023
XWiki Platform packages Expose Sensitive Information to an Unauthorized Actor High
CVE-2023-26476 was published for org.xwiki.platform:xwiki-platform-livetable-ui (Maven) Mar 3, 2023
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an... High Unreviewed
CVE-2023-1101 was published Mar 3, 2023
A lack of rate limiting on the password reset endpoint of Chamberlain myQ v5.222.0.32277 (on iOS)... Critical Unreviewed
CVE-2023-24080 was published Feb 22, 2023
Improper Restriction of Excessive Authentication Attempts in modoboa High
CVE-2023-0860 was published for modoboa (pip) Feb 16, 2023
No protection against brute-force attacks on login page High
CVE-2023-25156 was published for kiwitcms (pip) Feb 15, 2023
ProTip! Advisories are also available from the GraphQL API