Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,778
Erlang
36
GitHub Actions
29
Go
2,336
Maven
5,000+
npm
3,969
NuGet
713
pip
3,767
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

313 advisories

Loading
The FTP server’s login mechanism does not restrict authentication attempts, allowing an attacker... Moderate Unreviewed
CVE-2025-49195 was published Jun 12, 2025
The product does not implement sufficient measures to prevent multiple failed authentication... Moderate Unreviewed
CVE-2025-49186 was published Jun 12, 2025
A vulnerability was found in Tenda TDSEE App up to 1.7.12. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-5864 was published Jun 9, 2025
Password guessing limits could be bypassed when using LDAP authentication. High Unreviewed
CVE-2025-48014 was published May 20, 2025
RAGFlow through 0.18.1 allows account takeover because it is possible to conduct successful brute... Critical Unreviewed
CVE-2025-48187 was published May 17, 2025
An issue in the userId parameter in the change password function of Flytxt NEON-dX v0.0.1... Moderate Unreviewed
CVE-2023-34732 was published May 12, 2025
An unauthenticated user could discover account credentials via a brute-force attack without rate... High Unreviewed
CVE-2025-46739 was published May 12, 2025
A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco... Moderate Unreviewed
CVE-2025-20196 was published May 7, 2025
Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing... Critical Unreviewed
CVE-2025-3709 was published May 2, 2025
This vulnerability exists in Meon KYC solutions due to missing restrictions on the number of... High Unreviewed
CVE-2025-42600 was published Apr 23, 2025
A vulnerability classified as problematic was found in ScriptAndTools eCommerce-website-in-PHP 3... Moderate Unreviewed
CVE-2025-3556 was published Apr 14, 2025
A vulnerability classified as problematic has been found in ScriptAndTools eCommerce-website-in... Moderate Unreviewed
CVE-2025-3555 was published Apr 14, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Access code... Moderate Unreviewed
CVE-2025-3129 was published Apr 3, 2025
Lack of protection against brute force attacks in Valmet DNA visualization in DNA Operate. The... High Unreviewed
CVE-2025-0417 was published Apr 1, 2025
Weak Authentication vulnerability in Drupal Email TFA allows Brute Force.This issue affects Email... High Unreviewed
CVE-2025-31676 was published Apr 1, 2025
Unauthorised access to the call forwarding service system in MeetMe products in versions prior to... Moderate Unreviewed
CVE-2025-2911 was published Mar 28, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot... Moderate Unreviewed
CVE-2025-1496 was published Mar 20, 2025
langgenius/dify version v0.10.1 contains a vulnerability where there are no limits applied to the... High Unreviewed
CVE-2024-12039 was published Mar 20, 2025
HCL MyXalytics is affected by concurrent login vulnerability. A concurrent login vulnerability... Low Unreviewed
CVE-2024-42176 was published Mar 19, 2025
A lack of rate limiting in the login page of Safe App version a3.0.9 allows attackers to bypass... Critical Unreviewed
CVE-2025-25595 was published Mar 18, 2025
IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote... High Unreviewed
CVE-2024-51476 was published Mar 6, 2025
A vulnerability was found in Excitel Broadband Private my Excitel App 3.13.0 on Android. It has... Moderate Unreviewed
CVE-2025-1629 was published Feb 24, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real... Moderate Unreviewed
CVE-2025-22645 was published Feb 18, 2025
An improper restriction of excessive authentication attempts [CWE-307] in FortiClientEMS version... High Unreviewed
CVE-2024-23106 was published Jan 14, 2025
JATOS 3.9.4 contains a denial-of-service (DoS) vulnerability in the authentication system, where... High Unreviewed
CVE-2024-55008 was published Jan 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database