GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
102 advisories
Filter by severity
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential...
High
Unreviewed
CVE-2024-7292
was published
Oct 9, 2024
An improper authorization vulnerability [CWE-285] in FortiSOAR version 7.4.0 through 7.4.3, 7.3.0...
High
Unreviewed
CVE-2024-45327
was published
Sep 11, 2024
A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout...
High
Unreviewed
CVE-2021-22530
was published
Aug 28, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
High
Unreviewed
CVE-2024-39398
was published
Aug 14, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
High
Unreviewed
CVE-2024-41904
was published
Aug 13, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
High
Unreviewed
CVE-2024-38888
was published
Aug 2, 2024
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated...
High
Unreviewed
CVE-2024-38176
was published
Jul 24, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High
Unreviewed
CVE-2024-39873
was published
Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High
Unreviewed
CVE-2024-39874
was published
Jul 9, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc....
High
Unreviewed
CVE-2024-5862
was published
Jun 24, 2024
eZ Platform Admin UI Password reset vulnerability
High
GHSA-hfpp-2vhw-qq43
was published
for
ezsystems/ezplatform-user
(Composer)
May 15, 2024
eZ Platform Password reset vulnerability
High
GHSA-cg84-55jx-4237
was published
for
ezsystems/ezplatform-admin-ui
(Composer)
May 15, 2024
CasaOS Improper Restriction of Excessive Authentication Attempts vulnerability
High
CVE-2024-24767
was published
for
github.com/IceWhaleTech/CasaOS-UserService
(Go)
Mar 6, 2024
An unauthenticated remote attacker can bypass the brute force prevention mechanism and disturb...
High
Unreviewed
CVE-2024-1104
was published
Feb 22, 2024
IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 uses an inadequate account lockout setting...
High
Unreviewed
CVE-2023-45191
was published
Feb 9, 2024
IBM Cloud Pak System 2.3.1.1, 2.3.2.0, and 2.3.3.7 uses an inadequate account lockout setting...
High
Unreviewed
CVE-2023-38273
was published
Feb 2, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a...
High
Unreviewed
CVE-2023-50326
was published
Feb 2, 2024
The Omron FINS protocol has an authenticated feature to prevent access to memory regions....
High
Unreviewed
CVE-2022-45790
was published
Jan 22, 2024
The number of attempts to bring the Hozard Alarm system (alarmsystemen) v1.0 to a disarmed state...
High
Unreviewed
CVE-2023-50123
was published
Jan 11, 2024
WWBN AVideo Improper Restriction of Excessive Authentication Attempts vulnerability
High
CVE-2023-49810
was published
for
wwbn/avideo
(Composer)
Jan 10, 2024
Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an...
High
Unreviewed
CVE-2023-6912
was published
Dec 20, 2023
By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI...
High
Unreviewed
CVE-2023-50444
was published
Dec 13, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient measures to prevent multiple...
High
Unreviewed
CVE-2023-41350
was published
Nov 3, 2023
A lack of rate limiting in Elenos ETG150 FM transmitter v3.12 allows attackers to obtain user...
High
Unreviewed
CVE-2023-37832
was published
Oct 31, 2023
generator-jhipster allows a timing attack against validateToken due to a string comparison that stops at the first character
High
CVE-2015-20110
was published
for
generator-jhipster
(npm)
Oct 31, 2023
ProTip!
Advisories are also available from the
GraphQL API