Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

103 advisories

Loading
Improper Restriction of Excessive Authentication Attempts in Sorcery High
CVE-2020-11052 was published for sorcery (RubyGems) May 7, 2020
futuretap
Improper Restriction of Excessive Authentication Attempts in Argo API High
CVE-2020-8827 was published for github.com/argoproj/argo-cd (Go) Jul 26, 2021
Improper Restriction of Excessive Authentication Attempts in py-bcrypt High
CVE-2013-1895 was published for py-bcrypt (pip) Oct 12, 2021
IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses an inadequate account lockout setting... High Unreviewed
CVE-2021-38890 was published Nov 24, 2021
ENC DataVault 7.1.1W and VaultAPI v67, which is currently being used in various other... High Unreviewed
CVE-2021-36750 was published Dec 23, 2021
A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists that... High Unreviewed
CVE-2021-22818 was published Jan 29, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS... High Unreviewed
CVE-2021-40360 was published Feb 10, 2022
Confd log files contain local users', including root’s, SHA512crypt password hashes with... High Unreviewed
CVE-2022-0652 was published Mar 23, 2022
VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly... High Unreviewed
CVE-1999-1324 was published Apr 30, 2022
Lightwave ConsoleServer 3200 does not disconnect users after unsuccessful login attempts, which... High Unreviewed
CVE-2001-0395 was published Apr 30, 2022
The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect... High Unreviewed
CVE-2001-1291 was published Apr 30, 2022
Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect users from the service when... High Unreviewed
CVE-2001-1339 was published Apr 30, 2022
Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness High Unreviewed
CVE-2013-2257 was published May 5, 2022
SaltStack RSA Key Generation allows remote users to decrypt communications High
CVE-2013-2228 was published for salt (pip) May 5, 2022
If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The... High Unreviewed
CVE-2019-0039 was published May 13, 2022
Keycloak Improper Bruteforce Detection High
CVE-2018-14657 was published for org.keycloak:keycloak-parent (Maven) May 13, 2022
A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could... High Unreviewed
CVE-2017-12316 was published May 13, 2022
htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A (with firmware through... High Unreviewed
CVE-2017-14423 was published May 13, 2022
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ... High Unreviewed
CVE-2022-24044 was published May 21, 2022
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnerable to user enumeration,... High Unreviewed
CVE-2019-4068 was published May 24, 2022
The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an... High Unreviewed
CVE-2019-14951 was published May 24, 2022
IBM Security Guardium Big Data Intelligence 4.0 (SonarG) uses an inadequate account lockout... High Unreviewed
CVE-2019-4310 was published May 24, 2022
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 do not limit the number of... High Unreviewed
CVE-2019-3746 was published May 24, 2022
IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a... High Unreviewed
CVE-2019-4520 was published May 24, 2022
Pimcore Discloses Usernames In Use High
CVE-2019-18986 was published for pimcore/pimcore (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database