Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

117 advisories

Loading
Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability. A remote... Critical Unreviewed
CVE-2022-31228 was published Oct 13, 2022
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH... Critical Unreviewed
CVE-2020-25196 was published May 24, 2022
A ZTE product is impacted by the improper access control vulnerability. Due to lack of an... Critical Unreviewed
CVE-2020-6875 was published May 24, 2022
tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid... Critical Unreviewed
CVE-2020-15906 was published May 24, 2022
WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the... Critical Unreviewed
CVE-2022-33106 was published Oct 12, 2022
An issue was discovered in Gradle Enterprise 2018.5. There is a lack of lock-out after excessive... Critical Unreviewed
CVE-2020-15770 was published May 24, 2022
A flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a... Critical Unreviewed
CVE-2022-2457 was published Aug 11, 2022
Improper Restriction of Excessive Authentication Attempts in GitHub repository mastodon/mastodon... Critical Unreviewed
CVE-2022-2166 was published Nov 16, 2022
An attacker can decrypt the Ovarro TBox login password by communication capture and brute force... Critical Unreviewed
CVE-2021-22640 was published Jul 29, 2022
Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts... Critical Unreviewed
CVE-2022-31234 was published Jul 22, 2022
Improper Restriction of Excessive Authentication Attempts Critical
CVE-2022-2321 was published for github.com/heroiclabs/nakama/v3 (Go) Jul 6, 2022
An issue in TopIDP3000 Topsec Operating System tos_3.3.005.665b.15_smpidp allows attackers to... Critical Unreviewed
CVE-2022-31273 was published Jun 15, 2022
Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict... Critical Unreviewed
CVE-2022-29084 was published Jun 3, 2022
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that... Critical Unreviewed
CVE-2022-30235 was published Jun 3, 2022
A vulnerability classified as critical was found in Telecommunication Software SAMwin Contact... Critical Unreviewed
CVE-2013-10004 was published May 25, 2022
Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive... Critical Unreviewed
CVE-2022-22561 was published Apr 13, 2022
Various rest resources in Fisheye and Crucible before version 4.8.9 allowed remote attackers to... Critical Unreviewed
CVE-2021-43958 was published Mar 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database