GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
302 advisories
Filter by severity
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet...
High
Unreviewed
CVE-2022-43947
was published
Jul 6, 2023
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that...
Critical
Unreviewed
CVE-2022-32515
was published
Jul 6, 2023
D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication...
Critical
Unreviewed
CVE-2023-32224
was published
Jun 28, 2023
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an inadequate account lockout setting...
High
Unreviewed
CVE-2022-32757
was published
Jun 15, 2023
An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0...
High
Unreviewed
CVE-2022-42478
was published
Jun 13, 2023
Froxlor vulnerable to Improper Restriction of Excessive Authentication Attempts
Critical
CVE-2023-3173
was published
for
froxlor/froxlor
(Composer)
Jun 9, 2023
The captive portal in Inpiazza Cloud WiFi versions prior to v4.2.17 does not enforce limits on...
Moderate
Unreviewed
CVE-2023-33754
was published
Jun 1, 2023
An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute...
High
Unreviewed
CVE-2023-23755
was published
May 30, 2023
AzuraCast missing brute force prevention
Critical
CVE-2023-2531
was published
for
azuracast/azuracast
(Composer)
May 5, 2023
Improper Restriction of Excessive Authentication Attempts in calibreweb
Moderate
CVE-2022-2525
was published
for
calibreweb
(pip)
Apr 15, 2023
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks.
High
Unreviewed
CVE-2023-26756
was published
Apr 14, 2023
BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase...
Critical
Unreviewed
CVE-2023-27746
was published
Apr 13, 2023
Flask-AppBuilder Has No Rate Limiting on Login AUTH DB
High
CVE-2023-29005
was published
for
Flask-AppBuilder
(pip)
Apr 10, 2023
Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake...
Critical
Unreviewed
CVE-2023-1665
was published
Mar 28, 2023
Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that...
Critical
Unreviewed
CVE-2022-36413
was published
Mar 23, 2023
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate...
Critical
Unreviewed
CVE-2023-27100
was published
Mar 23, 2023
Answer has Guessable CAPTCHA
Moderate
CVE-2023-1539
was published
for
github.com/answerdev/answer
(Go)
Mar 21, 2023
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet...
Moderate
Unreviewed
CVE-2023-26209
was published
Mar 9, 2023
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet...
Moderate
Unreviewed
CVE-2023-26208
was published
Mar 9, 2023
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet...
Moderate
Unreviewed
CVE-2022-29056
was published
Mar 9, 2023
XWiki Platform packages Expose Sensitive Information to an Unauthorized Actor
High
CVE-2023-26476
was published
for
org.xwiki.platform:xwiki-platform-livetable-ui
(Maven)
Mar 3, 2023
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an...
High
Unreviewed
CVE-2023-1101
was published
Mar 3, 2023
A lack of rate limiting on the password reset endpoint of Chamberlain myQ v5.222.0.32277 (on iOS)...
Critical
Unreviewed
CVE-2023-24080
was published
Feb 22, 2023
Improper Restriction of Excessive Authentication Attempts in modoboa
High
CVE-2023-0860
was published
for
modoboa
(pip)
Feb 16, 2023
No protection against brute-force attacks on login page
High
CVE-2023-25156
was published
for
kiwitcms
(pip)
Feb 15, 2023
ProTip!
Advisories are also available from the
GraphQL API