GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
321 advisories
Filter by severity
Pimcore 2FA Vulnerable to Brute Forcing
Critical
CVE-2019-18985
was published
for
pimcore/pimcore
(Composer)
May 24, 2022
AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force...
Critical
Unreviewed
CVE-2019-12941
was published
May 24, 2022
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection...
Critical
Unreviewed
CVE-2019-17240
was published
May 24, 2022
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05...
Critical
Unreviewed
CVE-2019-17215
was published
May 24, 2022
IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a...
High
Unreviewed
CVE-2019-4520
was published
May 24, 2022
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 do not limit the number of...
High
Unreviewed
CVE-2019-3746
was published
May 24, 2022
Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive...
Critical
Unreviewed
CVE-2019-3766
was published
May 24, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1)....
Critical
Unreviewed
CVE-2019-13918
was published
May 24, 2022
IBM Security Guardium Big Data Intelligence 4.0 (SonarG) uses an inadequate account lockout...
High
Unreviewed
CVE-2019-4310
was published
May 24, 2022
The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an...
High
Unreviewed
CVE-2019-14951
was published
May 24, 2022
A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS)...
Moderate
Unreviewed
CVE-2019-1126
was published
May 24, 2022
IBM Robotic Process Automation with Automation Anywhere 11 uses an inadequate account lockout...
Critical
Unreviewed
CVE-2019-4336
was published
May 24, 2022
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnerable to user enumeration,...
High
Unreviewed
CVE-2019-4068
was published
May 24, 2022
There is an information disclosure vulnerability on Mate 9 Pro Huawei smartphones versions...
Moderate
Unreviewed
CVE-2019-5217
was published
May 24, 2022
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ...
High
Unreviewed
CVE-2022-24044
was published
May 21, 2022
The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses weak session IDs generated...
Moderate
Unreviewed
CVE-2014-2875
was published
May 17, 2022
web2py is vulnerable to password brute-force attack
Critical
CVE-2016-10321
was published
for
web2py
(pip)
May 14, 2022
A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker...
Moderate
Unreviewed
CVE-2018-16703
was published
May 13, 2022
IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a...
Critical
Unreviewed
CVE-2018-1475
was published
May 13, 2022
onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to conduct brute-force...
Critical
Unreviewed
CVE-2018-12993
was published
May 13, 2022
An issue was discovered in app/Controller/UsersController.php in MISP 2.4.92. An adversary can...
Critical
Unreviewed
CVE-2018-12649
was published
May 13, 2022
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell...
Critical
Unreviewed
CVE-2017-7898
was published
May 13, 2022
htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A (with firmware through...
High
Unreviewed
CVE-2017-14423
was published
May 13, 2022
IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could...
Critical
Unreviewed
CVE-2017-1197
was published
May 13, 2022
phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in...
Critical
Unreviewed
CVE-2017-11187
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API