GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,150
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,268
npm 3,762
NuGet 678
pip 3,447
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,653

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

324 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability exists in the FOXMAN-UN/UNEM server / APIGateway that if exploited allows a... Moderate Unreviewed

CVE-2024-28022 was published Jun 11, 2024

Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form... Moderate Unreviewed

CVE-2024-35747 was published Jun 10, 2024

Improper restriction of excessive authentication attempts with two factor authentication methods... Moderate Unreviewed

CVE-2024-28833 was published Jun 10, 2024

Improper Restriction of Excessive Authentication Attempts vulnerability in Nitin Rathod WP Forms... Moderate Unreviewed

CVE-2023-48276 was published Jun 4, 2024

Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Contact... Moderate Unreviewed

CVE-2023-48318 was published Jun 4, 2024

Improper Restriction of Excessive Authentication Attempts vulnerability in 10Web Form Builder... Moderate Unreviewed

CVE-2023-48290 was published Jun 4, 2024

Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha... Moderate Unreviewed

CVE-2023-48745 was published Jun 4, 2024

Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive... Moderate Unreviewed

CVE-2023-45009 was published Jun 4, 2024

Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP... Moderate Unreviewed

CVE-2023-44235 was published Jun 4, 2024

Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins – WordPress... Moderate Unreviewed

CVE-2023-34001 was published Jun 4, 2024

Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force... Moderate Unreviewed

CVE-2023-23730 was published Jun 4, 2024

Silverstripe Brute force bypass on default admin Critical

GHSA-8v6m-7f5v-hhx6 was published for silverstripe/framework (Composer) May 23, 2024

OATHAuth extension in MediaWiki is not implementing rate limit High

CVE-2020-25827 was published for mediawiki/core (Composer) May 24, 2022

Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment... Moderate Unreviewed

CVE-2024-32720 was published May 17, 2024

Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid... Moderate Unreviewed

CVE-2024-32774 was published May 17, 2024

eZ Platform Admin UI Password reset vulnerability High

GHSA-hfpp-2vhw-qq43 was published for ezsystems/ezplatform-user (Composer) May 15, 2024

eZ Platform Password reset vulnerability High

GHSA-cg84-55jx-4237 was published for ezsystems/ezplatform-admin-ui (Composer) May 15, 2024

KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which... Moderate Unreviewed

CVE-2024-3461 was published May 14, 2024

OpenStack Keystone allows information disclosure during account locking High

CVE-2021-38155 was published for keystone (pip) May 24, 2022

SaltStack RSA Key Generation allows remote users to decrypt communications High

CVE-2013-2228 was published for salt (pip) May 5, 2022

PwnDoc through 0.5.3 might allow remote attackers to identify disabled user account names by... Moderate Unreviewed

CVE-2022-44023 was published Oct 30, 2022

PwnDoc through 0.5.3 might allow remote attackers to identify valid user account names by... Moderate Unreviewed

CVE-2022-44022 was published Oct 30, 2022

Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress... Moderate Unreviewed

CVE-2024-32676 was published Apr 25, 2024

The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. High Unreviewed

CVE-2023-26756 was published Apr 14, 2023

Dolibarr Improper Restriction of Excessive Authentication Attempts Critical

CVE-2020-7995 was published for dolibarr/dolibarr (Composer) May 24, 2022

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

324 advisories