GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
317 advisories
Filter by severity
Improper Restriction of Excessive Authentication Attempts in Sorcery
High
CVE-2020-11052
was published
for
sorcery
(RubyGems)
May 7, 2020
Improper Restriction of Excessive Authentication Attempts in Argo API
High
CVE-2020-8827
was published
for
github.com/argoproj/argo-cd
(Go)
Jul 26, 2021
No Restriction of Excessive Authentication Attempts in Firefly III
Moderate
CVE-2021-3663
was published
for
grumpydictator/firefly-iii
(Composer)
Aug 9, 2021
Improper Restriction of Excessive Authentication Attempts in py-bcrypt
High
CVE-2013-1895
was published
for
py-bcrypt
(pip)
Oct 12, 2021
A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000,...
Critical
Unreviewed
CVE-2021-41435
was published
Nov 20, 2021
IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses an inadequate account lockout setting...
High
Unreviewed
CVE-2021-38890
was published
Nov 24, 2021
Missing Rate Limiting in Web Applications operating on Business-DNA Solutions GmbH’s TopEase®...
Critical
Unreviewed
CVE-2021-42544
was published
Dec 1, 2021
Due to insufficient server-side login-attempt limit enforcement, a vulnerability in /account...
Critical
Unreviewed
CVE-2021-37934
was published
Dec 11, 2021
ENC DataVault 7.1.1W and VaultAPI v67, which is currently being used in various other...
High
Unreviewed
CVE-2021-36750
was published
Dec 23, 2021
An issue in the user login box of CSCMS v4.0 allows attackers to hijack user accounts via brute...
Critical
Unreviewed
CVE-2020-21238
was published
Dec 29, 2021
An issue in the user login box of LJCMS v1.11 allows attackers to hijack user accounts via brute...
Critical
Unreviewed
CVE-2020-21237
was published
Dec 29, 2021
Lack of rate limiting in M-Files Server and M-Files Web products with versions before 21.12.10873...
Critical
Unreviewed
CVE-2021-41807
was published
Jan 19, 2022
Dell EMC AppSync versions 3.9 to 4.3 contain an Improper Restriction of Excessive Authentication...
Critical
Unreviewed
CVE-2022-22553
was published
Jan 22, 2022
The code that performs password matching when using 'Basic' HTTP authentication does not use a...
Critical
Unreviewed
CVE-2021-43298
was published
Jan 26, 2022
A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists that...
High
Unreviewed
CVE-2021-22818
was published
Jan 29, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS...
High
Unreviewed
CVE-2021-40360
was published
Feb 10, 2022
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that...
Critical
Unreviewed
CVE-2022-22810
was published
Feb 11, 2022
A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3...
Critical
Unreviewed
CVE-2022-26314
was published
Mar 9, 2022
A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows...
Moderate
Unreviewed
CVE-2022-25820
was published
Mar 11, 2022
Various rest resources in Fisheye and Crucible before version 4.8.9 allowed remote attackers to...
Critical
Unreviewed
CVE-2021-43958
was published
Mar 17, 2022
Confd log files contain local users', including root’s, SHA512crypt password hashes with...
High
Unreviewed
CVE-2022-0652
was published
Mar 23, 2022
Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive...
Critical
Unreviewed
CVE-2022-22561
was published
Apr 13, 2022
There is no limit to the number of attempts to authenticate for the local configuration pages for...
Moderate
Unreviewed
CVE-2022-26519
was published
Apr 21, 2022
Compaq/Microcom 6000 Access Integrator does not disconnect a client after a certain number of...
Moderate
Unreviewed
CVE-1999-1152
was published
Apr 30, 2022
VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly...
High
Unreviewed
CVE-1999-1324
was published
Apr 30, 2022
ProTip!
Advisories are also available from the
GraphQL API