GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
295 advisories
Unauthorised access to the call forwarding service system in MeetMe products in versions prior to...
Moderate
Unreviewed
CVE-2025-2911 was published Mar 28, 2025
An issue was discovered on Innovaphone PBX before 14r1 devices. The password form, used to...
Moderate
Unreviewed
CVE-2024-24721 was published Feb 27, 2024
A lack of rate limiting in the login page of Safe App version a3.0.9 allows attackers to bypass...
Critical
Unreviewed
CVE-2025-25595 was published Mar 18, 2025
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability...
Moderate
Unreviewed
CVE-2024-1345 was published Feb 19, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot...
Moderate
Unreviewed
CVE-2025-1496 was published Mar 20, 2025
langgenius/dify version v0.10.1 contains a vulnerability where there are no limits applied to the...
High
Unreviewed
CVE-2024-12039 was published Mar 20, 2025
HCL MyXalytics is affected by concurrent login vulnerability. A concurrent login vulnerability...
Low
Unreviewed
CVE-2024-42176 was published Mar 19, 2025
A lack of rate limiting on the password reset endpoint of Chamberlain myQ v5.222.0.32277 (on iOS)...
Critical
Unreviewed
CVE-2023-24080 was published Feb 22, 2023
IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote...
High
Unreviewed
CVE-2024-51476 was published Mar 6, 2025
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate...
Critical
Unreviewed
CVE-2023-27100 was published Mar 23, 2023
A vulnerability was found in Excitel Broadband Private my Excitel App 3.13.0 on Android. It has...
Moderate
Unreviewed
CVE-2025-1629 was published Feb 24, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real...
Moderate
Unreviewed
CVE-2025-22645 was published Feb 18, 2025
KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which...
Moderate
Unreviewed
CVE-2024-3461 was published May 14, 2024
An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks...
Moderate
Unreviewed
CVE-2024-30390 was published Apr 12, 2024
ENTAB ERP 1.0 allows attackers to discover users' full names via a brute force attack with a...
Moderate
Unreviewed
CVE-2022-30076 was published Apr 16, 2023
An improper restriction of excessive authentication attempts [CWE-307] in FortiClientEMS version...
High
Unreviewed
CVE-2024-23106 was published Jan 14, 2025
JATOS 3.9.4 contains a denial-of-service (DoS) vulnerability in the authentication system, where...
High
Unreviewed
CVE-2024-55008 was published Jan 7, 2025
Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an...
Moderate
Unreviewed
CVE-2024-53647 was published Dec 31, 2024
Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. An improper Restriction of...
Moderate
Unreviewed
CVE-2024-38488 was published Dec 13, 2024
An issue in the BYD Dilink Headunit System v3.0 to v4.0 allows attackers to bypass authentication...
Critical
Unreviewed
CVE-2024-46442 was published Dec 10, 2024
A vulnerability exists in NSD570 login panel that does not restrict excessive authentication...
Moderate
Unreviewed
CVE-2024-9928 was published Nov 26, 2024
Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of...
High
Unreviewed
CVE-2024-49597 was published Nov 26, 2024
Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows...
High
Unreviewed
CVE-2024-5716 was published Nov 22, 2024
phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block...
Moderate
Unreviewed
CVE-2024-0787 was published Nov 15, 2024
There is no limit on the number of failed login attempts permitted with the Clinician Password or...
Critical
Unreviewed
CVE-2024-9832 was published Nov 14, 2024
ProTip! Advisories are also available from the GraphQL API.