GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,861

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

106 advisories

Filter by severity

Sort by

Least recently updated

An attacker can decrypt the Ovarro TBox login password by communication capture and brute force... Critical Unreviewed

CVE-2021-22640 was published Jul 29, 2022

Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts... Critical Unreviewed

CVE-2022-31234 was published Jul 22, 2022

An issue in TopIDP3000 Topsec Operating System tos_3.3.005.665b.15_smpidp allows attackers to... Critical Unreviewed

CVE-2022-31273 was published Jun 15, 2022

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict... Critical Unreviewed

CVE-2022-29084 was published Jun 3, 2022

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that... Critical Unreviewed

CVE-2022-30235 was published Jun 3, 2022

A vulnerability classified as critical was found in Telecommunication Software SAMwin Contact... Critical Unreviewed

CVE-2013-10004 was published May 25, 2022

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC... Critical Unreviewed

CVE-2020-28212 was published May 24, 2022

Improper restriction of excessive authentication attempts vulnerability in QSAN Storage Manager,... Critical Unreviewed

CVE-2021-32522 was published May 24, 2022

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have has no account lockout... Critical Unreviewed

CVE-2021-38474 was published May 24, 2022

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers to access... Critical Unreviewed

CVE-2021-28909 was published May 24, 2022

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to ... Critical Unreviewed

CVE-2021-28911 was published May 24, 2022

Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and... Critical Unreviewed

CVE-2021-22737 was published May 24, 2022

Gestsup before 3.2.10 allows account takeover through the password recovery functionality (remote... Critical Unreviewed

CVE-2021-31646 was published May 24, 2022

Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication... Critical Unreviewed

CVE-2019-18235 was published May 24, 2022

The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does... Critical Unreviewed

CVE-2021-25309 was published May 24, 2022

EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might... Critical Unreviewed

CVE-2021-27514 was published May 24, 2022

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The login... Critical Unreviewed

CVE-2020-35565 was published May 24, 2022

LimitLoginAttempts.php in the limit-login-attempts-reloaded plugin before 2.17.4 for WordPress... Critical Unreviewed

CVE-2020-35590 was published May 24, 2022

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH... Critical Unreviewed

CVE-2020-25196 was published May 24, 2022

tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid... Critical Unreviewed

CVE-2020-15906 was published May 24, 2022

A ZTE product is impacted by the improper access control vulnerability. Due to lack of an... Critical Unreviewed

CVE-2020-6875 was published May 24, 2022

An issue was discovered in Gradle Enterprise 2018.5. There is a lack of lock-out after excessive... Critical Unreviewed

CVE-2020-15770 was published May 24, 2022

AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force... Critical Unreviewed

CVE-2019-12941 was published May 24, 2022

bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection... Critical Unreviewed

CVE-2019-17240 was published May 24, 2022

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05... Critical Unreviewed

CVE-2019-17215 was published May 24, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

106 advisories