GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
90 advisories
The PlexTrac platform prior to version 1.17.0 does not restrict excessive authentication attempts...
High | Unreviewed | CVE-2022-37145 was published Sep 9, 2022
The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission...
High | Unreviewed | CVE-2022-37144 was published Sep 9, 2022
IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could...
High | Unreviewed | CVE-2022-22452 was published Jul 15, 2022
VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on...
High | Unreviewed | CVE-2021-22003 was published May 24, 2022
IBM Security Guardium 11.2 uses an inadequate account lockout setting that could allow a remote...
High | Unreviewed | CVE-2021-20427 was published May 24, 2022
The pairing procedure used by the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs and...
High | Unreviewed | CVE-2021-27943 was published May 24, 2022
An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to...
High | Unreviewed | CVE-2021-35472 was published May 24, 2022
Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker...
High | Unreviewed | CVE-2020-23283 was published May 24, 2022
An issue was discovered in Stormshield SNS through 4.2.1. A brute-force attack can occur.
High | Unreviewed | CVE-2021-28127 was published May 24, 2022
It was found that all versions of 3Scale developer portal lacked brute force protections. An...
High | Unreviewed | CVE-2021-3412 was published May 24, 2022
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to...
High | Unreviewed | CVE-2020-26556 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by...
High | Unreviewed | CVE-2021-28248 was published May 24, 2022
A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE...
High | Unreviewed | CVE-2021-25676 was published May 24, 2022
An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is...
High | Unreviewed | CVE-2021-27935 was published May 24, 2022
The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 allows attackers to cause a...
High | Unreviewed | CVE-2021-27188 was published May 24, 2022
In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypass of the 2FA requirement...
High | Unreviewed | CVE-2021-3138 was published May 24, 2022
In Solstice Pod before 3.3.0 (or Open4.3), the screen key can be enumerated using brute-force...
High | Unreviewed | CVE-2020-35585 was published May 24, 2022
In Solstice Pod before 3.3.0 (or Open4.3), the Administrator password can be enumerated using...
High | Unreviewed | CVE-2020-35586 was published May 24, 2022
Anuko Time Tracker v1.19.23.5311 lacks rate limit on the password reset module which allows...
High | Unreviewed | CVE-2020-27423 was published May 24, 2022
A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS...
High | Unreviewed | CVE-2020-15786 was published May 24, 2022
Royal TS before 5 has a 0.0.0.0 listener, which makes it easier for attackers to bypass tunnel...
High | Unreviewed | CVE-2020-13872 was published May 24, 2022
IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a...
High | Unreviewed | CVE-2019-4520 was published May 24, 2022
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 do not limit the number of...
High | Unreviewed | CVE-2019-3746 was published May 24, 2022
IBM Security Guardium Big Data Intelligence 4.0 (SonarG) uses an inadequate account lockout...
High | Unreviewed | CVE-2019-4310 was published May 24, 2022
The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an...
High | Unreviewed | CVE-2019-14951 was published May 24, 2022