Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

13 advisories

Loading
Silverstripe Brute force bypass on default admin Critical
GHSA-8v6m-7f5v-hhx6 was published for silverstripe/framework (Composer) May 23, 2024
OATHAuth extension in MediaWiki is not implementing rate limit High
CVE-2020-25827 was published for mediawiki/core (Composer) May 24, 2022
eZ Platform Admin UI Password reset vulnerability High
GHSA-hfpp-2vhw-qq43 was published for ezsystems/ezplatform-user (Composer) May 15, 2024
eZ Platform Password reset vulnerability High
GHSA-cg84-55jx-4237 was published for ezsystems/ezplatform-admin-ui (Composer) May 15, 2024
Dolibarr Improper Restriction of Excessive Authentication Attempts Critical
CVE-2020-7995 was published for dolibarr/dolibarr (Composer) May 24, 2022
WWBN AVideo Improper Restriction of Excessive Authentication Attempts vulnerability High
CVE-2023-49810 was published for wwbn/avideo (Composer) Jan 10, 2024
LibreNMS vulnerable to rate limiting bypass on login page Moderate
CVE-2023-46745 was published for librenms/librenms (Composer) Nov 17, 2023
rook1337
AzuraCast missing brute force prevention Critical
CVE-2023-2531 was published for azuracast/azuracast (Composer) May 5, 2023
Froxlor vulnerable to Improper Restriction of Excessive Authentication Attempts Critical
CVE-2023-3173 was published for froxlor/froxlor (Composer) Jun 9, 2023
Pimcore Discloses Usernames In Use High
CVE-2019-18986 was published for pimcore/pimcore (Composer) May 24, 2022
Pimcore 2FA Vulnerable to Brute Forcing Critical
CVE-2019-18985 was published for pimcore/pimcore (Composer) May 24, 2022
No Restriction of Excessive Authentication Attempts in Firefly III Moderate
CVE-2021-3663 was published for grumpydictator/firefly-iii (Composer) Aug 9, 2021
Kirby CMS vulnerable to user enumeration in the code-based login and password reset forms Moderate
CVE-2022-39314 was published for getkirby/cms (Composer) Oct 18, 2022
florianmrz
ProTip! Advisories are also available from the GraphQL API