Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

324 advisories

Loading
An improper restriction of excessive authentication attempts [CWE-307] in FortiClientEMS version... High Unreviewed
CVE-2024-23106 was published Jan 14, 2025
Bypassing Brute Force Protection via Application Crash and In-Memory Data Loss Critical
CVE-2024-21652 was published for github.com/argoproj/argo-cd/v2 (Go) Mar 18, 2024
nadava669 pasha-codefresh
jannfis crenshaw-dev todaywasawesome
JATOS 3.9.4 contains a denial-of-service (DoS) vulnerability in the authentication system, where... High Unreviewed
CVE-2024-55008 was published Jan 7, 2025
Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an... Moderate Unreviewed
CVE-2024-53647 was published Dec 31, 2024
Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. An improper Restriction of... Moderate Unreviewed
CVE-2024-38488 was published Dec 13, 2024
An issue in the BYD Dilink Headunit System v3.0 to v4.0 allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-46442 was published Dec 10, 2024
A vulnerability exists in NSD570 login panel that does not restrict excessive authentication... Moderate Unreviewed
CVE-2024-9928 was published Nov 26, 2024
Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of... High Unreviewed
CVE-2024-49597 was published Nov 26, 2024
Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows... High Unreviewed
CVE-2024-5716 was published Nov 22, 2024
ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass High
CVE-2024-32868 was published for github.com/zitadel/zitadel (Go) Apr 25, 2024
livio-a Skelmis
itz-d0dgy amit-laish muhlemmer peintnermax
phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block... Moderate Unreviewed
CVE-2024-0787 was published Nov 15, 2024
There is no limit on the number of failed login attempts permitted with the Clinician Password or... Critical Unreviewed
CVE-2024-9832 was published Nov 14, 2024
An insufficient entropy vulnerability in the SecuSUITE Secure Client Authentication (SCA) Server... Moderate Unreviewed
CVE-2024-51720 was published Nov 12, 2024
A vulnerability was found in Digistar AG-30 Plus 2.6b. It has been classified as problematic.... Low Unreviewed
CVE-2024-11126 was published Nov 12, 2024
SAP NetWeaver AS Java allows an unauthenticated attacker to brute force the login functionality... Moderate Unreviewed
CVE-2024-47592 was published Nov 12, 2024
This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed... Critical Unreviewed
CVE-2024-51558 was published Nov 4, 2024
A lack of rate limiting in the OTP validation component of Digitory Multi Channel Integrated POS... Critical Unreviewed
CVE-2024-48143 was published Oct 24, 2024
A JSON Injection vulnerability exists in the `mintplex-labs/anything-llm` application,... Moderate Unreviewed
CVE-2024-3102 was published Jun 6, 2024
Improper Restriction of Excessive Authentication Attempts in py-bcrypt High
CVE-2013-1895 was published for py-bcrypt (pip) Oct 12, 2021
This vulnerability exists in Shilpi Client Dashboard due to missing restrictions for incorrect... Critical Unreviewed
CVE-2024-47656 was published Oct 4, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential... High Unreviewed
CVE-2024-7292 was published Oct 9, 2024
A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code... Critical Unreviewed
CVE-2024-41276 was published Oct 1, 2024
Lin-CMS-Flask vulnerable to Improper Authentication Critical
CVE-2020-18698 was published for Lin-CMS (pip) May 24, 2022
This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive... Critical Unreviewed
CVE-2024-47088 was published Sep 19, 2024
An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x... Critical Unreviewed
CVE-2024-45523 was published Sep 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database