GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,150
Maven
5,000+
npm
3,815
NuGet
690
pip
3,490
Pub
12
RubyGems
902
Rust
900
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
287 advisories
By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI...
High
Unreviewed
CVE-2023-50444
was published
Dec 13, 2023
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been classified as problematic....
Moderate
Unreviewed
CVE-2023-6756
was published
Dec 13, 2023
DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and...
Critical
Unreviewed
CVE-2023-49443
was published
Dec 8, 2023
Improper Restriction of Excessive Authentication Attempts vulnerability in Be Devious Web...
Critical
Unreviewed
CVE-2023-35039
was published
Dec 7, 2023
A client side rate limit issue discovered in Connectize AC21000 G6 641.139.1.1256 allows...
Critical
Unreviewed
CVE-2023-24051
was published
Dec 5, 2023
kodbox 1.46.01 has a security flaw that enables user enumeration. This problem is present on the...
Critical
Unreviewed
CVE-2023-48028
was published
Nov 18, 2023
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiMail...
Moderate
Unreviewed
CVE-2023-45582
was published
Nov 14, 2023
The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute...
Moderate
Unreviewed
CVE-2023-42480
was published
Nov 14, 2023
Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake...
Critical
Unreviewed
CVE-2023-2675
was published
Nov 13, 2023
Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Smart TV...
Low
Unreviewed
CVE-2023-41270
was published
Nov 8, 2023
Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishi Electric...
Moderate
Unreviewed
CVE-2023-4625
was published
Nov 6, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient measures to prevent multiple...
High
Unreviewed
CVE-2023-41350
was published
Nov 3, 2023
A lack of rate limiting in Elenos ETG150 FM transmitter v3.12 allows attackers to obtain user...
High
Unreviewed
CVE-2023-37832
was published
Oct 31, 2023
Sielco PolyEco1000 uses a weak set of default administrative credentials that can be easily...
Critical
Unreviewed
CVE-2023-5754
was published
Oct 26, 2023
The cookie session ID is of insufficient length and can be exploited by brute force, which may...
Critical
Unreviewed
CVE-2023-42769
was published
Oct 26, 2023
UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks...
Unknown
Unreviewed
CVE-2023-37635
was published
Oct 23, 2023
DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to...
Critical
Unreviewed
CVE-2023-27152
was published
Oct 23, 2023
The TETRA TEA1 keystream generator implements a key register initialization function that...
High
Unreviewed
CVE-2022-24402
was published
Oct 19, 2023
Vulnerability of brute-force attacks on the device authentication module. Successful exploitation...
High
Unreviewed
CVE-2023-44111
was published
Oct 11, 2023
Vulnerability of brute-force attacks on the device authentication module. Successful exploitation...
High
Unreviewed
CVE-2023-44096
was published
Oct 11, 2023
Improper Restriction of Excessive Authentication Attempts in RDT400 in SICK APU allows an...
High
Unreviewed
CVE-2023-43699
was published
Oct 9, 2023
OpenCart v4.0.2.2 is vulnerable to Brute Force Attack.
Critical
Unreviewed
CVE-2023-40834
was published
Sep 12, 2023
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) uses an...
High
Unreviewed
CVE-2023-26271
was published
Aug 28, 2023
IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to...
High
Unreviewed
CVE-2022-43904
was published
Aug 28, 2023
There is no limit on the number of login attempts in the web server for the SNAP PAC S1 Firmware...
Critical
Unreviewed
CVE-2023-40706
was published
Aug 24, 2023
ProTip! Advisories are also available from the GraphQL API