GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,935
Composer 5,069
Erlang 39
GitHub Actions 38
Go 2,726
Maven 6,143
npm 4,331
NuGet 763
pip 4,107
Pub 12
RubyGems 960
Rust 1,068
Swift 45

Unreviewed advisories

All unreviewed 279,299

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

118 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict... Critical Unreviewed

CVE-2025-64310 was published Nov 21, 2025

Nagios Fusion versions prior to 2024R2.1 contain a brute-force bypass in the Two-Factor... Critical Unreviewed

CVE-2025-34249 was published Oct 31, 2025

A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass... Critical Unreviewed

CVE-2025-56221 was published Oct 17, 2025

The affected product does not limit the number of attempts for inputting the correct PIN for a... Critical Unreviewed

CVE-2025-46414 was published Aug 8, 2025

Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Mail Login... Critical Unreviewed

CVE-2025-7393 was published Jul 21, 2025

Improper Restriction of Excessive Authentication Attempts vulnerability in Art-in Bilişim... Critical Unreviewed

CVE-2025-4383 was published Jun 26, 2025

RAGFlow through 0.18.1 allows account takeover because it is possible to conduct successful brute... Critical Unreviewed

CVE-2025-48187 was published May 17, 2025

Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing... Critical Unreviewed

CVE-2025-3709 was published May 2, 2025

A lack of rate limiting in the login page of Safe App version a3.0.9 allows attackers to bypass... Critical Unreviewed

CVE-2025-25595 was published Mar 18, 2025

An issue in the BYD Dilink Headunit System v3.0 to v4.0 allows attackers to bypass authentication... Critical Unreviewed

CVE-2024-46442 was published Dec 10, 2024

There is no limit on the number of failed login attempts permitted with the Clinician Password or... Critical Unreviewed

CVE-2024-9832 was published Nov 14, 2024

This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed... Critical Unreviewed

CVE-2024-51558 was published Nov 4, 2024

A lack of rate limiting in the OTP validation component of Digitory Multi Channel Integrated POS... Critical Unreviewed

CVE-2024-48143 was published Oct 24, 2024

This vulnerability exists in Shilpi Client Dashboard due to missing restrictions for incorrect... Critical Unreviewed

CVE-2024-47656 was published Oct 4, 2024

A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code... Critical Unreviewed

CVE-2024-41276 was published Oct 1, 2024

This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive... Critical Unreviewed

CVE-2024-47088 was published Sep 19, 2024

An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x... Critical Unreviewed

CVE-2024-45523 was published Sep 18, 2024

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing restrictions for... Critical Unreviewed

CVE-2024-45790 was published Sep 11, 2024

Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute... Critical Unreviewed

CVE-2024-43042 was published Aug 16, 2024

Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions... Critical Unreviewed

CVE-2024-42466 was published Aug 16, 2024

Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions... Critical Unreviewed

CVE-2024-42465 was published Aug 16, 2024

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000... Critical Unreviewed

CVE-2024-39225 was published Aug 6, 2024

CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that... Critical Unreviewed

CVE-2024-2051 was published Mar 18, 2024

SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts,... Critical Unreviewed

CVE-2023-33759 was published Jan 25, 2024

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow... Critical Unreviewed

CVE-2024-22317 was published Jan 18, 2024

Previous1…5 Next

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

118 advisories