GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
91 advisories
Filter by severity
An issue was discovered in BigBlueButton through 2.2.29. A brute-force attack may occur because...
Moderate
Unreviewed
CVE-2020-29042
was published
May 24, 2022
A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist...
Moderate
Unreviewed
CVE-2020-5141
was published
May 24, 2022
OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication mechanism within the system...
Moderate
Unreviewed
CVE-2020-14494
was published
May 24, 2022
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over...
Moderate
Unreviewed
CVE-2019-13394
was published
May 24, 2022
An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12...
Moderate
Unreviewed
CVE-2019-15577
was published
May 24, 2022
A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS)...
Moderate
Unreviewed
CVE-2019-1126
was published
May 24, 2022
There is an information disclosure vulnerability on Mate 9 Pro Huawei smartphones versions...
Moderate
Unreviewed
CVE-2019-5217
was published
May 24, 2022
The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses weak session IDs generated...
Moderate
Unreviewed
CVE-2014-2875
was published
May 17, 2022
A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker...
Moderate
Unreviewed
CVE-2018-16703
was published
May 13, 2022
When the device is configured to perform account lockout with a defined period of time, any...
Moderate
Unreviewed
CVE-2017-10604
was published
May 13, 2022
A specially crafted script could bypass the authentication of a maintenance port of Emerson...
Moderate
Unreviewed
CVE-2018-19021
was published
May 13, 2022
The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed...
Moderate
Unreviewed
CVE-2002-0628
was published
Apr 30, 2022
Compaq/Microcom 6000 Access Integrator does not disconnect a client after a certain number of...
Moderate
Unreviewed
CVE-1999-1152
was published
Apr 30, 2022
There is no limit to the number of attempts to authenticate for the local configuration pages for...
Moderate
Unreviewed
CVE-2022-26519
was published
Apr 21, 2022
A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows...
Moderate
Unreviewed
CVE-2022-25820
was published
Mar 11, 2022
No Restriction of Excessive Authentication Attempts in Firefly III
Moderate
CVE-2021-3663
was published
for
grumpydictator/firefly-iii
(Composer)
Aug 9, 2021
ProTip!
Advisories are also available from the
GraphQL API