GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
324 advisories
The PlexTrac platform prior to version 1.17.0 does not restrict excessive authentication attempts...
High | Unreviewed | CVE-2022-37145 was published Sep 9, 2022

OctoPrint does not have rate limiting on the login page
Low | CVE-2022-2822 was published for OctoPrint (pip) Aug 16, 2022

A flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a...
Critical | Unreviewed | CVE-2022-2457 was published Aug 11, 2022

Zammad 5.2.0 is vulnerable to privilege escalation. Zammad has a prevention against brute-force...
Critical | Unreviewed | CVE-2022-35490 was published Aug 9, 2022

An attacker can decrypt the Ovarro TBox login password by communication capture and brute force...
Critical | Unreviewed | CVE-2021-22640 was published Jul 29, 2022

Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts...
Critical | Unreviewed | CVE-2022-31234 was published Jul 22, 2022

An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. It mishandles access control....
Moderate | Unreviewed | CVE-2022-24689 was published Jul 19, 2022

IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could...
High | Unreviewed | CVE-2022-22452 was published Jul 15, 2022

Improper Restriction of Excessive Authentication Attempts
Critical | CVE-2022-2321 was published for github.com/heroiclabs/nakama/v3 (Go) Jul 6, 2022

While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being...
Moderate | Unreviewed | CVE-2022-22496 was published Jul 1, 2022

An issue in TopIDP3000 Topsec Operating System tos_3.3.005.665b.15_smpidp allows attackers to...
Critical | Unreviewed | CVE-2022-31273 was published Jun 15, 2022

An issue was discovered in certain Verbatim drives through 2022-03-31. The security feature for...
Moderate | Unreviewed | CVE-2022-28386 was published Jun 9, 2022

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design,...
Moderate | Unreviewed | CVE-2022-28384 was published Jun 9, 2022

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict...
Critical | Unreviewed | CVE-2022-29084 was published Jun 3, 2022

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that...
Critical | Unreviewed | CVE-2022-30235 was published Jun 3, 2022

A vulnerability classified as critical was found in Telecommunication Software SAMwin Contact...
Critical | Unreviewed | CVE-2013-10004 was published May 25, 2022

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC...
Critical | Unreviewed | CVE-2020-28212 was published May 24, 2022

Improper restriction of excessive authentication attempts vulnerability in QSAN Storage Manager,...
Critical | Unreviewed | CVE-2021-32522 was published May 24, 2022

In Ionic Identity Vault before 5.0.5, the protection mechanism for invalid unlock attempts can be...
Moderate | Unreviewed | CVE-2021-44033 was published May 24, 2022

In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an...
Moderate | Unreviewed | CVE-2021-43332 was published May 24, 2022

An issue was discovered in Fimer Aurora Vision before 2.97.10. The response to a failed login...
Moderate | Unreviewed | CVE-2021-33209 was published May 24, 2022

GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is...
Moderate | Unreviewed | CVE-2021-42096 was published May 24, 2022

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have no account lockout...
Critical | Unreviewed | CVE-2021-38474 was published May 24, 2022

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A...
Moderate | Unreviewed | CVE-2021-36285 was published May 24, 2022

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A...
Moderate | Unreviewed | CVE-2021-36284 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API