GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
91 advisories
Filter by severity
PwnDoc through 0.5.3 might allow remote attackers to identify disabled user account names by...
Moderate
Unreviewed
CVE-2022-44023
was published
Oct 30, 2022
Kirby CMS vulnerable to user enumeration in the code-based login and password reset forms
Moderate
CVE-2022-39314
was published
for
getkirby/cms
(Composer)
Oct 18, 2022
WiseConnect - ScreenConnect Session Code Bypass. An attacker would have to use a proxy to monitor...
Moderate
Unreviewed
CVE-2022-36781
was published
Sep 29, 2022
There is a password verification vulnerability in WS7200-10 11.0.2.13. Attackers on the LAN may...
Moderate
Unreviewed
CVE-2022-33735
was published
Sep 21, 2022
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. It mishandles access control....
Moderate
Unreviewed
CVE-2022-24689
was published
Jul 19, 2022
While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being...
Moderate
Unreviewed
CVE-2022-22496
was published
Jul 1, 2022
An issue was discovered in certain Verbatim drives through 2022-03-31. The security feature for...
Moderate
Unreviewed
CVE-2022-28386
was published
Jun 9, 2022
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design,...
Moderate
Unreviewed
CVE-2022-28384
was published
Jun 9, 2022
In Ionic Identity Vault before 5.0.5, the protection mechanism for invalid unlock attempts can be...
Moderate
Unreviewed
CVE-2021-44033
was published
May 24, 2022
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an...
Moderate
Unreviewed
CVE-2021-43332
was published
May 24, 2022
An issue was discovered in Fimer Aurora Vision before 2.97.10. The response to a failed login...
Moderate
Unreviewed
CVE-2021-33209
was published
May 24, 2022
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is...
Moderate
Unreviewed
CVE-2021-42096
was published
May 24, 2022
Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A...
Moderate
Unreviewed
CVE-2021-36285
was published
May 24, 2022
Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A...
Moderate
Unreviewed
CVE-2021-36284
was published
May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could...
Moderate
Unreviewed
CVE-2021-29842
was published
May 24, 2022
Fuel CMS 1.5.0 has a brute force vulnerability in fuel/modules/fuel/controllers/Login.php
Moderate
Unreviewed
CVE-2021-38725
was published
May 24, 2022
After requesting multiple permissions, and closing the first permission panel, subsequent...
Moderate
Unreviewed
CVE-2021-29987
was published
May 24, 2022
In Apache APISIX Dashboard version 2.6, we changed the default value of listen host to 0.0.0.0 in...
Moderate
Unreviewed
CVE-2021-33190
was published
May 24, 2022
InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is...
Moderate
Unreviewed
CVE-2021-29023
was published
May 24, 2022
An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly...
Moderate
Unreviewed
CVE-2021-29648
was published
May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 uses an inadequate account...
Moderate
Unreviewed
CVE-2020-4891
was published
May 24, 2022
Improper restriction of excessive authentication attempts in LOGITEC LAN-WH450N/GR allows an...
Moderate
Unreviewed
CVE-2021-20635
was published
May 24, 2022
A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings...
Moderate
Unreviewed
CVE-2021-1311
was published
May 24, 2022
An issue was discovered in Bitrix24 Bitrix Framework (1c site management) 20.0. An "User...
Moderate
Unreviewed
CVE-2020-28206
was published
May 24, 2022
In cPanel before 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575).
Moderate
Unreviewed
CVE-2020-29136
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API