Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

319 advisories

Loading
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection... Critical Unreviewed
CVE-2019-17240 was published May 24, 2022
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05... Critical Unreviewed
CVE-2019-17215 was published May 24, 2022
IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a... High Unreviewed
CVE-2019-4520 was published May 24, 2022
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 do not limit the number of... High Unreviewed
CVE-2019-3746 was published May 24, 2022
Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive... Critical Unreviewed
CVE-2019-3766 was published May 24, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1).... Critical Unreviewed
CVE-2019-13918 was published May 24, 2022
IBM Security Guardium Big Data Intelligence 4.0 (SonarG) uses an inadequate account lockout... High Unreviewed
CVE-2019-4310 was published May 24, 2022
The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an... High Unreviewed
CVE-2019-14951 was published May 24, 2022
A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS)... Moderate Unreviewed
CVE-2019-1126 was published May 24, 2022
IBM Robotic Process Automation with Automation Anywhere 11 uses an inadequate account lockout... Critical Unreviewed
CVE-2019-4336 was published May 24, 2022
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnerable to user enumeration,... High Unreviewed
CVE-2019-4068 was published May 24, 2022
There is an information disclosure vulnerability on Mate 9 Pro Huawei smartphones versions... Moderate Unreviewed
CVE-2019-5217 was published May 24, 2022
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ... High Unreviewed
CVE-2022-24044 was published May 21, 2022
The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses weak session IDs generated... Moderate Unreviewed
CVE-2014-2875 was published May 17, 2022
web2py is vulnerable to password brute-force attack Critical
CVE-2016-10321 was published for web2py (pip) May 14, 2022
A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker... Moderate Unreviewed
CVE-2018-16703 was published May 13, 2022
IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a... Critical Unreviewed
CVE-2018-1475 was published May 13, 2022
onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to conduct brute-force... Critical Unreviewed
CVE-2018-12993 was published May 13, 2022
An issue was discovered in app/Controller/UsersController.php in MISP 2.4.92. An adversary can... Critical Unreviewed
CVE-2018-12649 was published May 13, 2022
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell... Critical Unreviewed
CVE-2017-7898 was published May 13, 2022
htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A (with firmware through... High Unreviewed
CVE-2017-14423 was published May 13, 2022
IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could... Critical Unreviewed
CVE-2017-1197 was published May 13, 2022
phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in... Critical Unreviewed
CVE-2017-11187 was published May 13, 2022
When the device is configured to perform account lockout with a defined period of time, any... Moderate Unreviewed
CVE-2017-10604 was published May 13, 2022
A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could... High Unreviewed
CVE-2017-12316 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database