Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,827
Erlang
36
GitHub Actions
32
Go
2,442
Maven
5,000+
npm
4,061
NuGet
723
pip
3,861
Pub
12
RubyGems
941
Rust
1,007
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

327 advisories

Loading
A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by... Moderate Unreviewed
CVE-2025-8742 was published Aug 9, 2025
The affected product does not limit the number of attempts for inputting the correct PIN for a... Critical Unreviewed
CVE-2025-46414 was published Aug 8, 2025
A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server... Low Unreviewed
CVE-2023-32251 was published Jul 31, 2025
OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows attackers to bypass account... Moderate Unreviewed
CVE-2025-54833 was published Jul 31, 2025
Grandstream Networks UCM6510 v1.0.20.52 and before is vulnerable to Improper Restriction of... Moderate Unreviewed
CVE-2025-28172 was published Jul 29, 2025
IBM Informix Dynamic Server 12.10 and 14.10 uses an inadequate account lockout setting that could... High Unreviewed
CVE-2024-49342 was published Jul 28, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Mail Login... Critical Unreviewed
CVE-2025-7393 was published Jul 21, 2025
A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been rated as... Low Unreviewed
CVE-2025-7882 was published Jul 20, 2025
The SMB server's login mechanism does not implement sufficient measures to prevent multiple... High Unreviewed
CVE-2025-27456 was published Jul 3, 2025
The MEAC300-FNADE4 does not implement sufficient measures to prevent multiple failed... High Unreviewed
CVE-2025-27449 was published Jul 3, 2025
The maxView Storage Manager does not implement sufficient measures to prevent multiple failed... High Unreviewed
CVE-2025-1710 was published Jul 3, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Art-in Bilişim... Critical Unreviewed
CVE-2025-4383 was published Jun 26, 2025
Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 do not enforce rate limiting... High Unreviewed
CVE-2025-2171 was published Jun 23, 2025
Yealink YMCS RPS before 2025-06-04 lacks SN verification attempt limits, enabling brute-force... Low Unreviewed
CVE-2025-52916 was published Jun 22, 2025
The FTP server’s login mechanism does not restrict authentication attempts, allowing an attacker... Moderate Unreviewed
CVE-2025-49195 was published Jun 12, 2025
The product does not implement sufficient measures to prevent multiple failed authentication... Moderate Unreviewed
CVE-2025-49186 was published Jun 12, 2025
A vulnerability was found in Tenda TDSEE App up to 1.7.12. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-5864 was published Jun 9, 2025
Password guessing limits could be bypassed when using LDAP authentication. High Unreviewed
CVE-2025-48014 was published May 20, 2025
RAGFlow through 0.18.1 allows account takeover because it is possible to conduct successful brute... Critical Unreviewed
CVE-2025-48187 was published May 17, 2025
An issue in the userId parameter in the change password function of Flytxt NEON-dX v0.0.1... Moderate Unreviewed
CVE-2023-34732 was published May 12, 2025
An unauthenticated user could discover account credentials via a brute-force attack without rate... High Unreviewed
CVE-2025-46739 was published May 12, 2025
A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco... Moderate Unreviewed
CVE-2025-20196 was published May 7, 2025
Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing... Critical Unreviewed
CVE-2025-3709 was published May 2, 2025
This vulnerability exists in Meon KYC solutions due to missing restrictions on the number of... High Unreviewed
CVE-2025-42600 was published Apr 23, 2025
A vulnerability classified as problematic has been found in ScriptAndTools eCommerce-website-in... Moderate Unreviewed
CVE-2025-3555 was published Apr 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database