GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,990
Composer 5,075
Erlang 39
GitHub Actions 38
Go 2,742
Maven 6,160
npm 4,339
NuGet 765
pip 4,113
Pub 12
RubyGems 960
Rust 1,068
Swift 45

Unreviewed advisories

All unreviewed 279,917

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

360 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In affected versions, vulnerability-lookup did not track or limit failed One-Time Password (OTP)... High Unreviewed

CVE-2025-42615 was published Dec 8, 2025

Dell CloudBoost Virtual Appliance, versions 19.13.0.0 and prior, contains an Improper Restriction... High Unreviewed

CVE-2025-46603 was published Dec 5, 2025

Medtronic CareLink Network allows an unauthenticated remote attacker to perform a brute force... High Unreviewed

CVE-2025-12995 was published Dec 4, 2025

EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict... Critical Unreviewed

CVE-2025-64310 was published Nov 21, 2025

An issue was discovered in weijiang1994 university-bbs (aka Blogin) in commit... High Unreviewed

CVE-2025-63807 was published Nov 20, 2025

Windu CMS implements weak client-side brute-force protection by using parameter loginError.... Moderate Unreviewed

CVE-2025-59113 was published Nov 18, 2025

CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that... Moderate Unreviewed

CVE-2025-11566 was published Nov 12, 2025

Improper Restriction of Excessive Authentication Attempts, Client-Side Enforcement of Server-Side... High Unreviewed

CVE-2025-10161 was published Nov 11, 2025

Improper resource management in firmware of some Solidigm DC Products may allow an attacker with... Moderate Unreviewed

CVE-2025-12896 was published Nov 7, 2025

A vulnerability was identified in LogicalDOC Community Edition up to 9.2.1. This vulnerability... Moderate Unreviewed

CVE-2025-12547 was published Oct 31, 2025

Nagios Fusion versions prior to 2024R2.1 contain a brute-force bypass in the Two-Factor... Critical Unreviewed

CVE-2025-34249 was published Oct 31, 2025

A security vulnerability has been detected in VirtFusion up to 6.0.2. This vulnerability affects... Moderate Unreviewed

CVE-2025-12310 was published Oct 27, 2025

Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless... Low Unreviewed

CVE-2025-26862 was published Oct 27, 2025

A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8.6.8... Moderate Unreviewed

CVE-2025-56224 was published Oct 20, 2025

A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass... Critical Unreviewed

CVE-2025-56221 was published Oct 17, 2025

Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Protected Pages... Moderate Unreviewed

CVE-2025-9551 was published Oct 11, 2025

A vulnerability was identified in JhumanJ OpnForm up to 1.9.3. The affected element is an unknown... Moderate Unreviewed

CVE-2025-11441 was published Oct 8, 2025

The application does not implement sufficient measures to prevent multiple failed authentication... Moderate Unreviewed

CVE-2025-58587 was published Oct 6, 2025

In ExtremeGuest Essentials before 25.5.0, captive-portal may permit unauthorized access via... High Unreviewed

CVE-2025-8679 was published Oct 1, 2025

PAD CMS implements weak client-side brute-force protection by utilizing two cookies: login_count... Moderate Unreviewed

CVE-2025-8118 was published Sep 30, 2025

IBM Sterling Connect:Express for Microsoft Windows 3.1.0.0 through 3.1.0.22 uses an inadequate... Moderate Unreviewed

CVE-2025-36064 was published Sep 22, 2025

The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-10658 was published Sep 22, 2025

A vulnerability has been found in Harness 3.3.0. Affected is an unknown function of the file /api... Moderate Unreviewed

CVE-2025-10761 was published Sep 22, 2025

Airship AI Acropolis allows unlimited MFA attempts for 15 minutes after a user has logged in with... High Unreviewed

CVE-2025-35041 was published Sep 22, 2025

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 in... Moderate Unreviewed

CVE-2025-54860 was published Sep 19, 2025

Previous1…15 Next

Previous 1 2 3 4 5 … 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

360 advisories