GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
316 advisories
Lightwave ConsoleServer 3200 does not disconnect users after unsuccessful login attempts, which...
High | Unreviewed | CVE-2001-0395 was published Apr 30, 2022

The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect...
High | Unreviewed | CVE-2001-1291 was published Apr 30, 2022

Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect users from the service when...
High | Unreviewed | CVE-2001-1339 was published Apr 30, 2022

The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed...
Moderate | Unreviewed | CVE-2002-0628 was published Apr 30, 2022

Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness
High | Unreviewed | CVE-2013-2257 was published May 5, 2022

SaltStack RSA Key Generation allows remote users to decrypt communications
High | CVE-2013-2228 was published for salt (pip) May 5, 2022

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for...
Critical | Unreviewed | CVE-2013-4441 was published May 5, 2022

If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The...
High | Unreviewed | CVE-2019-0039 was published May 13, 2022

Keycloak Improper Bruteforce Detection
High | CVE-2018-14657 was published for org.keycloak:keycloak-parent (Maven) May 13, 2022

Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication...
Critical | Unreviewed | CVE-2019-6524 was published May 13, 2022

index.php?r=site%2Flogin in EduSec through 4.2.6 does not restrict sending a series of LoginForm...
Critical | Unreviewed | CVE-2018-19548 was published May 13, 2022

An issue was discovered in /cgi-bin/luci on Teltonika RTU9XX (e.g., RUT950) R_31.04.89 before...
Critical | Unreviewed | CVE-2018-19879 was published May 13, 2022

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Belden...
Critical | Unreviewed | CVE-2018-5469 was published May 13, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses an inadequate account lockout...
Critical | Unreviewed | CVE-2018-1373 was published May 13, 2022

A specially crafted script could bypass the authentication of a maintenance port of Emerson...
Moderate | Unreviewed | CVE-2018-19021 was published May 13, 2022

Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method...
Critical | Unreviewed | CVE-2018-15759 was published May 13, 2022

Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior...
Critical | Unreviewed | CVE-2018-11082 was published May 13, 2022

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Moxa OnCell...
Critical | Unreviewed | CVE-2017-7915 was published May 13, 2022

An improper restriction of excessive authentication attempts vulnerability in /principals in...
Critical | Unreviewed | CVE-2017-15887 was published May 13, 2022

A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could...
High | Unreviewed | CVE-2017-12316 was published May 13, 2022

When the device is configured to perform account lockout with a defined period of time, any...
Moderate | Unreviewed | CVE-2017-10604 was published May 13, 2022

phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in...
Critical | Unreviewed | CVE-2017-11187 was published May 13, 2022

IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could...
Critical | Unreviewed | CVE-2017-1197 was published May 13, 2022

htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A (with firmware through...
High | Unreviewed | CVE-2017-14423 was published May 13, 2022

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell...
Critical | Unreviewed | CVE-2017-7898 was published May 13, 2022