Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

109 advisories

Loading
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an... High Unreviewed
CVE-2023-1101 was published Mar 3, 2023
Improper Restriction of Excessive Authentication Attempts in modoboa High
CVE-2023-0860 was published for modoboa (pip) Feb 16, 2023
No protection against brute-force attacks on login page High
CVE-2023-25156 was published for kiwitcms (pip) Feb 15, 2023
Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. High Unreviewed
CVE-2023-22960 was published Jan 23, 2023
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced.... High Unreviewed
CVE-2021-27782 was published Jan 20, 2023
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. Part of the application... High Unreviewed
CVE-2022-38491 was published Jan 10, 2023
Weak password derivation for export in Devolutions Remote Desktop Manager before 2022.1 allows... High Unreviewed
CVE-2022-26964 was published Dec 26, 2022
Planet eStream before 6.72.10.07 allows a low-privileged user to gain access to administrative... High Unreviewed
CVE-2022-45893 was published Dec 25, 2022
The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network... High Unreviewed
CVE-2022-23746 was published Nov 30, 2022
Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts... High Unreviewed
CVE-2022-37772 was published Nov 23, 2022
A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by... High Unreviewed
CVE-2022-4006 was published Nov 16, 2022
The PlexTrac platform prior to version 1.17.0 does not restrict excessive authentication attempts... High Unreviewed
CVE-2022-37145 was published Sep 9, 2022
The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission... High Unreviewed
CVE-2022-37144 was published Sep 9, 2022
IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could... High Unreviewed
CVE-2022-22452 was published Jul 15, 2022
VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on... High Unreviewed
CVE-2021-22003 was published May 24, 2022
IBM Security Guardium 11.2 uses an inadequate account lockout setting that could allow a remote... High Unreviewed
CVE-2021-20427 was published May 24, 2022
OpenStack Keystone allows information disclosure during account locking High
CVE-2021-38155 was published for keystone (pip) May 24, 2022
The pairing procedure used by the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs and... High Unreviewed
CVE-2021-27943 was published May 24, 2022
An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to... High Unreviewed
CVE-2021-35472 was published May 24, 2022
Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker... High Unreviewed
CVE-2020-23283 was published May 24, 2022
An issue was discovered in Stormshield SNS through 4.2.1. A brute-force attack can occur. High Unreviewed
CVE-2021-28127 was published May 24, 2022
It was found that all versions of 3Scale developer portal lacked brute force protections. An... High Unreviewed
CVE-2021-3412 was published May 24, 2022
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to... High Unreviewed
CVE-2020-26556 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by... High Unreviewed
CVE-2021-28248 was published May 24, 2022
A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE... High Unreviewed
CVE-2021-25676 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database