Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,829
Erlang
36
GitHub Actions
33
Go
2,446
Maven
5,000+
npm
4,065
NuGet
723
pip
3,866
Pub
12
RubyGems
943
Rust
1,009
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

101 advisories

Loading
A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing... Moderate Unreviewed
CVE-2025-9004 was published Aug 15, 2025
A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown... Moderate Unreviewed
CVE-2025-8927 was published Aug 13, 2025
A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by... Moderate Unreviewed
CVE-2025-8742 was published Aug 9, 2025
OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows attackers to bypass account... Moderate Unreviewed
CVE-2025-54833 was published Jul 31, 2025
Grandstream Networks UCM6510 v1.0.20.52 and before is vulnerable to Improper Restriction of... Moderate Unreviewed
CVE-2025-28172 was published Jul 29, 2025
The FTP server’s login mechanism does not restrict authentication attempts, allowing an attacker... Moderate Unreviewed
CVE-2025-49195 was published Jun 12, 2025
The product does not implement sufficient measures to prevent multiple failed authentication... Moderate Unreviewed
CVE-2025-49186 was published Jun 12, 2025
A vulnerability was found in Tenda TDSEE App up to 1.7.12. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-5864 was published Jun 9, 2025
An issue in the userId parameter in the change password function of Flytxt NEON-dX v0.0.1... Moderate Unreviewed
CVE-2023-34732 was published May 12, 2025
A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco... Moderate Unreviewed
CVE-2025-20196 was published May 7, 2025
A vulnerability classified as problematic was found in ScriptAndTools eCommerce-website-in-PHP 3... Moderate Unreviewed
CVE-2025-3556 was published Apr 14, 2025
A vulnerability classified as problematic has been found in ScriptAndTools eCommerce-website-in... Moderate Unreviewed
CVE-2025-3555 was published Apr 14, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Access code... Moderate Unreviewed
CVE-2025-3129 was published Apr 3, 2025
Unauthorised access to the call forwarding service system in MeetMe products in versions prior to... Moderate Unreviewed
CVE-2025-2911 was published Mar 28, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot... Moderate Unreviewed
CVE-2025-1496 was published Mar 20, 2025
A vulnerability was found in Excitel Broadband Private my Excitel App 3.13.0 on Android. It has... Moderate Unreviewed
CVE-2025-1629 was published Feb 24, 2025
Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real... Moderate Unreviewed
CVE-2025-22645 was published Feb 18, 2025
Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an... Moderate Unreviewed
CVE-2024-53647 was published Dec 31, 2024
Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. An improper Restriction of... Moderate Unreviewed
CVE-2024-38488 was published Dec 13, 2024
A vulnerability exists in NSD570 login panel that does not restrict excessive authentication... Moderate Unreviewed
CVE-2024-9928 was published Nov 26, 2024
phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block... Moderate Unreviewed
CVE-2024-0787 was published Nov 15, 2024
An insufficient entropy vulnerability in the SecuSUITE Secure Client Authentication (SCA) Server... Moderate Unreviewed
CVE-2024-51720 was published Nov 12, 2024
SAP NetWeaver AS Java allows an unauthenticated attacker to brute force the login functionality... Moderate Unreviewed
CVE-2024-47592 was published Nov 12, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in Yordam Information... Moderate Unreviewed
CVE-2024-5682 was published Sep 18, 2024
RapidIdentity LTS through 2023.0.2 and Cloud through 2024.08.0 improperly restricts excessive... Moderate Unreviewed
CVE-2024-45589 was published Sep 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database