GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
13 advisories
Filter by severity
Keycloak Services has a potential bypass of brute force protection
Moderate
CVE-2024-4629
was published
for
org.keycloak:keycloak-services
(Maven)
Sep 17, 2024
Windmill HTTP Request users.rs excessive authentication in github.com/windmill-labs/windmill
Moderate
CVE-2024-8462
was published
for
github.com/windmill-labs/windmill
(Go)
Sep 5, 2024
ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass
Moderate
CVE-2024-32868
was published
for
github.com/zitadel/zitadel
(Go)
Apr 25, 2024
Bypassing Rate Limit and Brute Force Protection Using Cache Overflow
Moderate
CVE-2024-21662
was published
for
github.com/argoproj/argo-cd/v2
(Go)
Mar 18, 2024
Bypassing Brute Force Protection via Application Crash and In-Memory Data Loss
Moderate
CVE-2024-21652
was published
for
github.com/argoproj/argo-cd/v2
(Go)
Mar 18, 2024
Improper Restriction of Excessive Authentication Attempts in github.com/greenpau/caddy-security
Moderate
CVE-2024-21500
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Devise-Two-Factor vulnerable to brute force attacks
Moderate
CVE-2024-0227
was published
for
devise-two-factor
(RubyGems)
Jan 12, 2024
•
withdrawn
LibreNMS vulnerable to rate limiting bypass on login page
Moderate
CVE-2023-46745
was published
for
librenms/librenms
(Composer)
Nov 17, 2023
Improper Restriction of Excessive Authentication Attempts in calibreweb
Moderate
CVE-2022-2525
was published
for
calibreweb
(pip)
Apr 15, 2023
Answer has Guessable CAPTCHA
Moderate
CVE-2023-1539
was published
for
github.com/answerdev/answer
(Go)
Mar 21, 2023
usememos/memos vulnerable Improper Restriction of Excessive Authentication Attempts
Moderate
CVE-2022-4797
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
Kirby CMS vulnerable to user enumeration in the code-based login and password reset forms
Moderate
CVE-2022-39314
was published
for
getkirby/cms
(Composer)
Oct 18, 2022
No Restriction of Excessive Authentication Attempts in Firefly III
Moderate
CVE-2021-3663
was published
for
grumpydictator/firefly-iii
(Composer)
Aug 9, 2021
ProTip!
Advisories are also available from the
GraphQL API