GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
66 advisories
Filter by severity
D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for...
High
Unreviewed
CVE-2024-48271
was published
Oct 30, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute...
High
Unreviewed
CVE-2024-7293
was published
Oct 9, 2024
CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password.
High
Unreviewed
CVE-2024-47221
was published
Sep 22, 2024
Possible
External Service Interaction attack
in eDirectory has been discovered in
OpenText™...
High
Unreviewed
CVE-2021-38133
was published
Sep 12, 2024
A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote...
High
Unreviewed
CVE-2022-39997
was published
Aug 27, 2024
IBM Common Licensing 9.0 does not require that users should have strong passwords by default,...
High
Unreviewed
CVE-2024-40697
was published
Aug 13, 2024
The user management section of the web application permits the creation of user accounts with...
High
Unreviewed
CVE-2023-41923
was published
Jul 2, 2024
An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords...
High
Unreviewed
CVE-2024-36789
was published
Jun 7, 2024
Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to...
High
Unreviewed
CVE-2024-25729
was published
Mar 8, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
High
Unreviewed
CVE-2023-43016
was published
Feb 3, 2024
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote...
High
Unreviewed
CVE-2023-41353
was published
Nov 3, 2023
There are no requirements for setting a complex password in the built-in web server of the SNAP...
High
Unreviewed
CVE-2023-40707
was published
Aug 24, 2023
Answer has Weak Password Requirements
High
CVE-2023-4125
was published
for
github.com/answerdev/answer
(Go)
Aug 3, 2023
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered...
High
Unreviewed
CVE-2023-3089
was published
Jul 5, 2023
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation...
High
Unreviewed
CVE-2023-2060
was published
Jun 2, 2023
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which...
High
Unreviewed
CVE-2023-25072
was published
May 10, 2023
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow...
High
Unreviewed
CVE-2023-25184
was published
May 10, 2023
Weak Password Requirements in calibreweb
High
CVE-2023-2106
was published
for
calibreweb
(pip)
Apr 15, 2023
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by...
High
Unreviewed
CVE-2022-34333
was published
Apr 7, 2023
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker...
High
Unreviewed
CVE-2022-45635
was published
Mar 21, 2023
Weak Password Requirements in thorsten/phpmyfaq
High
CVE-2023-0793
was published
for
thorsten/phpmyfaq
(Composer)
Feb 12, 2023
Froxlor contains Weak Password Requirements
High
CVE-2023-0564
was published
for
froxlor/froxlor
(Composer)
Jan 29, 2023
A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0...
High
Unreviewed
CVE-2021-39434
was published
Dec 6, 2022
Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the...
High
Unreviewed
CVE-2022-43030
was published
Nov 15, 2022
rdiffweb contains Weak Password Requirements
High
CVE-2022-3179
was published
for
rdiffweb
(pip)
Sep 14, 2022
ProTip!
Advisories are also available from the
GraphQL API