GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
321 advisories
Filter by severity
Zammad 5.2.0 is vulnerable to privilege escalation. Zammad has a prevention against brute-force...
Critical
Unreviewed
CVE-2022-35490
was published
Aug 9, 2022
An attacker can decrypt the Ovarro TBox login password by communication capture and brute force...
Critical
Unreviewed
CVE-2021-22640
was published
Jul 29, 2022
Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts...
Critical
Unreviewed
CVE-2022-31234
was published
Jul 22, 2022
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. It mishandles access control....
Moderate
Unreviewed
CVE-2022-24689
was published
Jul 19, 2022
IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could...
High
Unreviewed
CVE-2022-22452
was published
Jul 15, 2022
Improper Restriction of Excessive Authentication Attempts
Critical
CVE-2022-2321
was published
for
github.com/heroiclabs/nakama/v3
(Go)
Jul 6, 2022
While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being...
Moderate
Unreviewed
CVE-2022-22496
was published
Jul 1, 2022
An issue in TopIDP3000 Topsec Operating System tos_3.3.005.665b.15_smpidp allows attackers to...
Critical
Unreviewed
CVE-2022-31273
was published
Jun 15, 2022
An issue was discovered in certain Verbatim drives through 2022-03-31. The security feature for...
Moderate
Unreviewed
CVE-2022-28386
was published
Jun 9, 2022
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design,...
Moderate
Unreviewed
CVE-2022-28384
was published
Jun 9, 2022
Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict...
Critical
Unreviewed
CVE-2022-29084
was published
Jun 3, 2022
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that...
Critical
Unreviewed
CVE-2022-30235
was published
Jun 3, 2022
A vulnerability classified as critical was found in Telecommunication Software SAMwin Contact...
Critical
Unreviewed
CVE-2013-10004
was published
May 25, 2022
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC...
Critical
Unreviewed
CVE-2020-28212
was published
May 24, 2022
Improper restriction of excessive authentication attempts vulnerability in QSAN Storage Manager,...
Critical
Unreviewed
CVE-2021-32522
was published
May 24, 2022
In Ionic Identity Vault before 5.0.5, the protection mechanism for invalid unlock attempts can be...
Moderate
Unreviewed
CVE-2021-44033
was published
May 24, 2022
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an...
Moderate
Unreviewed
CVE-2021-43332
was published
May 24, 2022
An issue was discovered in Fimer Aurora Vision before 2.97.10. The response to a failed login...
Moderate
Unreviewed
CVE-2021-33209
was published
May 24, 2022
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is...
Moderate
Unreviewed
CVE-2021-42096
was published
May 24, 2022
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have has no account lockout...
Critical
Unreviewed
CVE-2021-38474
was published
May 24, 2022
Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A...
Moderate
Unreviewed
CVE-2021-36285
was published
May 24, 2022
Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A...
Moderate
Unreviewed
CVE-2021-36284
was published
May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could...
Moderate
Unreviewed
CVE-2021-29842
was published
May 24, 2022
Fuel CMS 1.5.0 has a brute force vulnerability in fuel/modules/fuel/controllers/Login.php
Moderate
Unreviewed
CVE-2021-38725
was published
May 24, 2022
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers to access...
Critical
Unreviewed
CVE-2021-28909
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API