Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

102 advisories

Loading
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential... High Unreviewed
CVE-2024-7292 was published Oct 9, 2024
An improper authorization vulnerability [CWE-285] in FortiSOAR version 7.4.0 through 7.4.3, 7.3.0... High Unreviewed
CVE-2024-45327 was published Sep 11, 2024
A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout... High Unreviewed
CVE-2021-22530 was published Aug 28, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... High Unreviewed
CVE-2024-39398 was published Aug 14, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed
CVE-2024-41904 was published Aug 13, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... High Unreviewed
CVE-2024-38888 was published Aug 2, 2024
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated... High Unreviewed
CVE-2024-38176 was published Jul 24, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39873 was published Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39874 was published Jul 9, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc.... High Unreviewed
CVE-2024-5862 was published Jun 24, 2024
eZ Platform Admin UI Password reset vulnerability High
GHSA-hfpp-2vhw-qq43 was published for ezsystems/ezplatform-user (Composer) May 15, 2024
eZ Platform Password reset vulnerability High
GHSA-cg84-55jx-4237 was published for ezsystems/ezplatform-admin-ui (Composer) May 15, 2024
CasaOS Improper Restriction of Excessive Authentication Attempts vulnerability High
CVE-2024-24767 was published for github.com/IceWhaleTech/CasaOS-UserService (Go) Mar 6, 2024
DrDark1999
An unauthenticated remote attacker can bypass the brute force prevention mechanism and disturb... High Unreviewed
CVE-2024-1104 was published Feb 22, 2024
IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 uses an inadequate account lockout setting... High Unreviewed
CVE-2023-45191 was published Feb 9, 2024
IBM Cloud Pak System 2.3.1.1, 2.3.2.0, and 2.3.3.7 uses an inadequate account lockout setting... High Unreviewed
CVE-2023-38273 was published Feb 2, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a... High Unreviewed
CVE-2023-50326 was published Feb 2, 2024
The Omron FINS protocol has an authenticated feature to prevent access to memory regions.... High Unreviewed
CVE-2022-45790 was published Jan 22, 2024
The number of attempts to bring the Hozard Alarm system (alarmsystemen) v1.0 to a disarmed state... High Unreviewed
CVE-2023-50123 was published Jan 11, 2024
WWBN AVideo Improper Restriction of Excessive Authentication Attempts vulnerability High
CVE-2023-49810 was published for wwbn/avideo (Composer) Jan 10, 2024
Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an... High Unreviewed
CVE-2023-6912 was published Dec 20, 2023
By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI... High Unreviewed
CVE-2023-50444 was published Dec 13, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient measures to prevent multiple... High Unreviewed
CVE-2023-41350 was published Nov 3, 2023
A lack of rate limiting in Elenos ETG150 FM transmitter v3.12 allows attackers to obtain user... High Unreviewed
CVE-2023-37832 was published Oct 31, 2023
generator-jhipster allows a timing attack against validateToken due to a string comparison that stops at the first character High
CVE-2015-20110 was published for generator-jhipster (npm) Oct 31, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database