GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
105 advisories
Filter by severity
This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed...
Critical
Unreviewed
CVE-2024-51558
was published
Nov 4, 2024
A lack of rate limiting in the OTP validation component of Digitory Multi Channel Integrated POS...
Critical
Unreviewed
CVE-2024-48143
was published
Oct 24, 2024
This vulnerability exists in Shilpi Client Dashboard due to missing restrictions for incorrect...
Critical
Unreviewed
CVE-2024-47656
was published
Oct 4, 2024
A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code...
Critical
Unreviewed
CVE-2024-41276
was published
Oct 1, 2024
This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive...
Critical
Unreviewed
CVE-2024-47088
was published
Sep 19, 2024
An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x...
Critical
Unreviewed
CVE-2024-45523
was published
Sep 18, 2024
Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute...
Critical
Unreviewed
CVE-2024-43042
was published
Aug 16, 2024
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing restrictions for...
Critical
Unreviewed
CVE-2024-45790
was published
Sep 11, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions...
Critical
Unreviewed
CVE-2024-42466
was published
Aug 16, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions...
Critical
Unreviewed
CVE-2024-42465
was published
Aug 16, 2024
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000...
Critical
Unreviewed
CVE-2024-39225
was published
Aug 6, 2024
A client side rate limit issue discovered in Connectize AC21000 G6 641.139.1.1256 allows...
Critical
Unreviewed
CVE-2023-24051
was published
Dec 5, 2023
DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to...
Critical
Unreviewed
CVE-2023-27152
was published
Oct 23, 2023
There is no limit on the number of login attempts in the web server for the SNAP PAC S1 Firmware...
Critical
Unreviewed
CVE-2023-40706
was published
Aug 24, 2023
Microsoft Exchange Server Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2023-21709
was published
Aug 8, 2023
An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting...
Critical
Unreviewed
CVE-2023-3548
was published
Jul 25, 2023
The number of login attempts is not limited. This could allow an attacker to perform a brute...
Critical
Unreviewed
CVE-2023-33868
was published
Jul 7, 2023
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that...
Critical
Unreviewed
CVE-2022-32515
was published
Jul 6, 2023
D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication...
Critical
Unreviewed
CVE-2023-32224
was published
Jun 28, 2023
BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase...
Critical
Unreviewed
CVE-2023-27746
was published
Apr 13, 2023
AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force...
Critical
Unreviewed
CVE-2019-12941
was published
May 24, 2022
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection...
Critical
Unreviewed
CVE-2019-17240
was published
May 24, 2022
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05...
Critical
Unreviewed
CVE-2019-17215
was published
May 24, 2022
Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive...
Critical
Unreviewed
CVE-2019-3766
was published
May 24, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1)....
Critical
Unreviewed
CVE-2019-13918
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API