Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

117 advisories

Loading
LimitLoginAttempts.php in the limit-login-attempts-reloaded plugin before 2.17.4 for WordPress... Critical Unreviewed
CVE-2020-35590 was published May 24, 2022
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH... Critical Unreviewed
CVE-2020-25196 was published May 24, 2022
tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid... Critical Unreviewed
CVE-2020-15906 was published May 24, 2022
A ZTE product is impacted by the improper access control vulnerability. Due to lack of an... Critical Unreviewed
CVE-2020-6875 was published May 24, 2022
An issue was discovered in Gradle Enterprise 2018.5. There is a lack of lock-out after excessive... Critical Unreviewed
CVE-2020-15770 was published May 24, 2022
Dolibarr Improper Restriction of Excessive Authentication Attempts Critical
CVE-2020-7995 was published for dolibarr/dolibarr (Composer) May 24, 2022
Pimcore 2FA Vulnerable to Brute Forcing Critical
CVE-2019-18985 was published for pimcore/pimcore (Composer) May 24, 2022
AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force... Critical Unreviewed
CVE-2019-12941 was published May 24, 2022
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection... Critical Unreviewed
CVE-2019-17240 was published May 24, 2022
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05... Critical Unreviewed
CVE-2019-17215 was published May 24, 2022
Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive... Critical Unreviewed
CVE-2019-3766 was published May 24, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1).... Critical Unreviewed
CVE-2019-13918 was published May 24, 2022
IBM Robotic Process Automation with Automation Anywhere 11 uses an inadequate account lockout... Critical Unreviewed
CVE-2019-4336 was published May 24, 2022
web2py is vulnerable to password brute-force attack Critical
CVE-2016-10321 was published for web2py (pip) May 14, 2022
IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a... Critical Unreviewed
CVE-2018-1475 was published May 13, 2022
onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to conduct brute-force... Critical Unreviewed
CVE-2018-12993 was published May 13, 2022
An issue was discovered in app/Controller/UsersController.php in MISP 2.4.92. An adversary can... Critical Unreviewed
CVE-2018-12649 was published May 13, 2022
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell... Critical Unreviewed
CVE-2017-7898 was published May 13, 2022
IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could... Critical Unreviewed
CVE-2017-1197 was published May 13, 2022
phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in... Critical Unreviewed
CVE-2017-11187 was published May 13, 2022
An improper restriction of excessive authentication attempts vulnerability in /principals in... Critical Unreviewed
CVE-2017-15887 was published May 13, 2022
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Moxa OnCell... Critical Unreviewed
CVE-2017-7915 was published May 13, 2022
Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior... Critical Unreviewed
CVE-2018-11082 was published May 13, 2022
Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method... Critical Unreviewed
CVE-2018-15759 was published May 13, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses an inadequate account lockout... Critical Unreviewed
CVE-2018-1373 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database