GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
99 advisories
Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 do not enforce rate limiting...
High, Unreviewed. CVE-2025-2171 was published Jun 23, 2025

Weak Authentication vulnerability in Drupal Email TFA allows Brute Force. This issue affects Email...
High, Unreviewed. CVE-2025-31676 was published Apr 1, 2025

Password guessing limits could be bypassed when using LDAP authentication.
High, Unreviewed. CVE-2025-48014 was published May 20, 2025

An issue has been discovered in GitLab CE/EE affecting all versions before 15.1.6, all versions...
High, Unreviewed. CVE-2022-3031 was published Oct 17, 2022

An unauthenticated user could discover account credentials via a brute-force attack without rate...
High, Unreviewed. CVE-2025-46739 was published May 12, 2025

Aiphone GT-DMB-N 3-in-1 Video Entrance Station with NFC Reader 1.0.3 does not mitigate against...
High, Unreviewed. CVE-2022-40903 was published Nov 15, 2022

This vulnerability exists in Meon KYC solutions due to missing restrictions on the number of...
High, Unreviewed. CVE-2025-42600 was published Apr 23, 2025

A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could...
High, Unreviewed. CVE-2017-12316 was published May 13, 2022

Planet eStream before 6.72.10.07 allows a low-privileged user to gain access to administrative...
High, Unreviewed. CVE-2022-45893 was published Dec 25, 2022

Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency.
High, Unreviewed. CVE-2023-22960 was published Jan 23, 2023

Lack of protection against brute force attacks in Valmet DNA visualization in DNA Operate. The...
High, Unreviewed. CVE-2025-0417 was published Apr 1, 2025

langgenius/dify version v0.10.1 contains a vulnerability where there are no limits applied to the...
High, Unreviewed. CVE-2024-12039 was published Mar 20, 2025

IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote...
High, Unreviewed. CVE-2024-51476 was published Mar 6, 2025

An improper restriction of excessive authentication attempts [CWE-307] in FortiClientEMS version...
High, Unreviewed. CVE-2024-23106 was published Jan 14, 2025

JATOS 3.9.4 contains a denial-of-service (DoS) vulnerability in the authentication system, where...
High, Unreviewed. CVE-2024-55008 was published Jan 7, 2025

Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of...
High, Unreviewed. CVE-2024-49597 was published Nov 26, 2024

Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows...
High, Unreviewed. CVE-2024-5716 was published Nov 22, 2024

In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential...
High, Unreviewed. CVE-2024-7292 was published Oct 9, 2024

A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout...
High, Unreviewed. CVE-2021-22530 was published Aug 28, 2024

An improper authorization vulnerability [CWE-285] in FortiSOAR version 7.4.0 through 7.4.3, 7.3.0...
High, Unreviewed. CVE-2024-45327 was published Sep 11, 2024

Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an...
High, Unreviewed. CVE-2023-6912 was published Dec 20, 2023

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
High, Unreviewed. CVE-2024-39398 was published Aug 14, 2024

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
High, Unreviewed. CVE-2024-41904 was published Aug 13, 2024

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High, Unreviewed. CVE-2024-39873 was published Jul 9, 2024

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High, Unreviewed. CVE-2024-39874 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API.