Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,344
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

96 advisories

Loading
The product does not implement sufficient measures to prevent multiple failed authentication... Moderate Unreviewed
CVE-2025-49186 was published Jun 12, 2025
The FTP server’s login mechanism does not restrict authentication attempts, allowing an attacker... Moderate Unreviewed
CVE-2025-49195 was published Jun 12, 2025
A vulnerability was found in Tenda TDSEE App up to 1.7.12. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-5864 was published Jun 9, 2025
IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection,... Moderate Unreviewed
CVE-2023-45190 was published Feb 9, 2024
An issue was discovered on Innovaphone PBX before 14r1 devices. The password form, used to... Moderate Unreviewed
CVE-2024-24721 was published Feb 27, 2024
An issue in the userId parameter in the change password function of Flytxt NEON-dX v0.0.1... Moderate Unreviewed
CVE-2023-34732 was published May 12, 2025
A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco... Moderate Unreviewed
CVE-2025-20196 was published May 7, 2025
A vulnerability classified as problematic has been found in ScriptAndTools eCommerce-website-in... Moderate Unreviewed
CVE-2025-3555 was published Apr 14, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Access code... Moderate Unreviewed
CVE-2025-3129 was published Apr 3, 2025
A vulnerability classified as problematic was found in ScriptAndTools eCommerce-website-in-PHP 3... Moderate Unreviewed
CVE-2025-3556 was published Apr 14, 2025
Unauthorised access to the call forwarding service system in MeetMe products in versions prior to... Moderate Unreviewed
CVE-2025-2911 was published Mar 28, 2025
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability... Moderate Unreviewed
CVE-2024-1345 was published Feb 19, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot... Moderate Unreviewed
CVE-2025-1496 was published Mar 20, 2025
A vulnerability was found in Excitel Broadband Private my Excitel App 3.13.0 on Android. It has... Moderate Unreviewed
CVE-2025-1629 was published Feb 24, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real... Moderate Unreviewed
CVE-2025-22645 was published Feb 18, 2025
KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which... Moderate Unreviewed
CVE-2024-3461 was published May 14, 2024
An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks... Moderate Unreviewed
CVE-2024-30390 was published Apr 12, 2024
ENTAB ERP 1.0 allows attackers to discover users' full names via a brute force attack with a... Moderate Unreviewed
CVE-2022-30076 was published Apr 16, 2023
Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an... Moderate Unreviewed
CVE-2024-53647 was published Dec 31, 2024
Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. An improper Restriction of... Moderate Unreviewed
CVE-2024-38488 was published Dec 13, 2024
A vulnerability exists in NSD570 login panel that does not restrict excessive authentication... Moderate Unreviewed
CVE-2024-9928 was published Nov 26, 2024
phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block... Moderate Unreviewed
CVE-2024-0787 was published Nov 15, 2024
An insufficient entropy vulnerability in the SecuSUITE Secure Client Authentication (SCA) Server... Moderate Unreviewed
CVE-2024-51720 was published Nov 12, 2024
SAP NetWeaver AS Java allows an unauthenticated attacker to brute force the login functionality... Moderate Unreviewed
CVE-2024-47592 was published Nov 12, 2024
A JSON Injection vulnerability exists in the `mintplex-labs/anything-llm` application,... Moderate Unreviewed
CVE-2024-3102 was published Jun 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database