GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
276 advisories
There is an information disclosure vulnerability on Mate 9 Pro Huawei smartphones versions...
Moderate | Unreviewed | CVE-2019-5217 was published May 24, 2022

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ...
High | Unreviewed | CVE-2022-24044 was published May 21, 2022

The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses weak session IDs generated...
Moderate | Unreviewed | CVE-2014-2875 was published May 17, 2022

A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker...
Moderate | Unreviewed | CVE-2018-16703 was published May 13, 2022

IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a...
Critical | Unreviewed | CVE-2018-1475 was published May 13, 2022

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to conduct brute-force...
Critical | Unreviewed | CVE-2018-12993 was published May 13, 2022

An issue was discovered in app/Controller/UsersController.php in MISP 2.4.92. An adversary can...
Critical | Unreviewed | CVE-2018-12649 was published May 13, 2022

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell...
Critical | Unreviewed | CVE-2017-7898 was published May 13, 2022

htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A (with firmware through...
High | Unreviewed | CVE-2017-14423 was published May 13, 2022

IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could...
Critical | Unreviewed | CVE-2017-1197 was published May 13, 2022

phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in...
Critical | Unreviewed | CVE-2017-11187 was published May 13, 2022

When the device is configured to perform account lockout with a defined period of time, any...
Moderate | Unreviewed | CVE-2017-10604 was published May 13, 2022

A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could...
High | Unreviewed | CVE-2017-12316 was published May 13, 2022

An improper restriction of excessive authentication attempts vulnerability in /principals in...
Critical | Unreviewed | CVE-2017-15887 was published May 13, 2022

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Moxa OnCell...
Critical | Unreviewed | CVE-2017-7915 was published May 13, 2022

Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior...
Critical | Unreviewed | CVE-2018-11082 was published May 13, 2022

Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method...
Critical | Unreviewed | CVE-2018-15759 was published May 13, 2022

A specially crafted script could bypass the authentication of a maintenance port of Emerson...
Moderate | Unreviewed | CVE-2018-19021 was published May 13, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses an inadequate account lockout...
Critical | Unreviewed | CVE-2018-1373 was published May 13, 2022

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Belden...
Critical | Unreviewed | CVE-2018-5469 was published May 13, 2022

An issue was discovered in /cgi-bin/luci on Teltonika RTU9XX (e.g., RUT950) R_31.04.89 before...
Critical | Unreviewed | CVE-2018-19879 was published May 13, 2022

index.php?r=site%2Flogin in EduSec through 4.2.6 does not restrict sending a series of LoginForm...
Critical | Unreviewed | CVE-2018-19548 was published May 13, 2022

Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication...
Critical | Unreviewed | CVE-2019-6524 was published May 13, 2022

If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The...
High | Unreviewed | CVE-2019-0039 was published May 13, 2022

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for...
Critical | Unreviewed | CVE-2013-4441 was published May 5, 2022