GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
84 advisories
Filter by severity
Weintek Weincloud v0.13.6
could allow an attacker to efficiently develop a brute force...
High
Unreviewed
CVE-2023-32657
was published
Jul 20, 2023
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and...
High
Unreviewed
CVE-2023-29301
was published
Jul 12, 2023
SAP BusinessObjects Business Intelligence Platform - version 420, 430, allows an unauthorized...
High
Unreviewed
CVE-2023-36917
was published
Jul 11, 2023
Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4
could allow a...
High
Unreviewed
CVE-2023-35697
was published
Jul 10, 2023
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists...
High
Unreviewed
CVE-2022-43377
was published
Jul 6, 2023
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet...
High
Unreviewed
CVE-2022-43947
was published
Jul 6, 2023
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an inadequate account lockout setting...
High
Unreviewed
CVE-2022-32757
was published
Jun 15, 2023
An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0...
High
Unreviewed
CVE-2022-42478
was published
Jun 13, 2023
An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute...
High
Unreviewed
CVE-2023-23755
was published
May 30, 2023
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks.
High
Unreviewed
CVE-2023-26756
was published
Apr 14, 2023
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an...
High
Unreviewed
CVE-2023-1101
was published
Mar 3, 2023
Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency.
High
Unreviewed
CVE-2023-22960
was published
Jan 23, 2023
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced....
High
Unreviewed
CVE-2021-27782
was published
Jan 20, 2023
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. Part of the application...
High
Unreviewed
CVE-2022-38491
was published
Jan 10, 2023
Weak password derivation for export in Devolutions Remote Desktop Manager before 2022.1 allows...
High
Unreviewed
CVE-2022-26964
was published
Dec 26, 2022
Planet eStream before 6.72.10.07 allows a low-privileged user to gain access to administrative...
High
Unreviewed
CVE-2022-45893
was published
Dec 25, 2022
The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network...
High
Unreviewed
CVE-2022-23746
was published
Nov 30, 2022
Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts...
High
Unreviewed
CVE-2022-37772
was published
Nov 23, 2022
A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by...
High
Unreviewed
CVE-2022-4006
was published
Nov 16, 2022
The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission...
High
Unreviewed
CVE-2022-37144
was published
Sep 9, 2022
The PlexTrac platform prior to version 1.17.0 does not restrict excessive authentication attempts...
High
Unreviewed
CVE-2022-37145
was published
Sep 9, 2022
IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could...
High
Unreviewed
CVE-2022-22452
was published
Jul 15, 2022
VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on...
High
Unreviewed
CVE-2021-22003
was published
May 24, 2022
IBM Security Guardium 11.2 uses an inadequate account lockout setting that could allow a remote...
High
Unreviewed
CVE-2021-20427
was published
May 24, 2022
The pairing procedure used by the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs and...
High
Unreviewed
CVE-2021-27943
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API