Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
844
Swift
36
Unreviewed advisories
All unreviewed
5,000+

314 advisories

Loading
Lack of rate limiting in M-Files Server and M-Files Web products with versions before 21.12.10873... Critical Unreviewed
CVE-2021-41807 was published Jan 19, 2022
The code that performs password matching when using 'Basic' HTTP authentication does not use a... Critical Unreviewed
CVE-2021-43298 was published Jan 26, 2022
Dell EMC AppSync versions 3.9 to 4.3 contain an Improper Restriction of Excessive Authentication... Critical Unreviewed
CVE-2022-22553 was published Jan 22, 2022
A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists that... High Unreviewed
CVE-2021-22818 was published Jan 29, 2022
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that... Critical Unreviewed
CVE-2022-22810 was published Feb 11, 2022
A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows... Moderate Unreviewed
CVE-2022-25820 was published Mar 11, 2022
A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3... Critical Unreviewed
CVE-2022-26314 was published Mar 9, 2022
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced.... High Unreviewed
CVE-2021-27782 was published Jan 20, 2023
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass the brute force protection... Critical Unreviewed
CVE-2023-24020 was published Jan 31, 2023
Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. High Unreviewed
CVE-2023-22960 was published Jan 23, 2023
Dell SupportAssist contains a rate limit bypass issues in screenmeet API third party component.... Moderate Unreviewed
CVE-2022-34389 was published Feb 11, 2023
Improper Restriction of Excessive Authentication Attempts in modoboa High
CVE-2023-0860 was published for modoboa (pip) Feb 16, 2023
No protection against brute-force attacks on login page High
CVE-2023-25156 was published for kiwitcms (pip) Feb 15, 2023
XWiki Platform packages Expose Sensitive Information to an Unauthorized Actor High
CVE-2023-26476 was published for org.xwiki.platform:xwiki-platform-livetable-ui (Maven) Mar 3, 2023
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an... High Unreviewed
CVE-2023-1101 was published Mar 3, 2023
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet... Moderate Unreviewed
CVE-2023-26208 was published Mar 9, 2023
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet... Moderate Unreviewed
CVE-2023-26209 was published Mar 9, 2023
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet... Moderate Unreviewed
CVE-2022-29056 was published Mar 9, 2023
A lack of rate limiting on the password reset endpoint of Chamberlain myQ v5.222.0.32277 (on iOS)... Critical Unreviewed
CVE-2023-24080 was published Feb 22, 2023
Answer has Guessable CAPTCHA Moderate
CVE-2023-1539 was published for github.com/answerdev/answer (Go) Mar 21, 2023
Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that... Critical Unreviewed
CVE-2022-36413 was published Mar 23, 2023
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate... Critical Unreviewed
CVE-2023-27100 was published Mar 23, 2023
Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake... Critical Unreviewed
CVE-2023-1665 was published Mar 28, 2023
Flask-AppBuilder Has No Rate Limiting on Login AUTH DB High
CVE-2023-29005 was published for Flask-AppBuilder (pip) Apr 10, 2023
Improper Restriction of Excessive Authentication Attempts in calibreweb Moderate
CVE-2022-2525 was published for calibreweb (pip) Apr 15, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database