Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

66 advisories

Loading
The built-in web service for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower does not... High Unreviewed
CVE-2020-25153 was published May 24, 2022
An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the... High Unreviewed
CVE-2020-11925 was published May 24, 2022
A local attacker could bypass the app password using a race condition in Sophos Secure Workspace... High Unreviewed
CVE-2021-36808 was published May 24, 2022
IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require that users should have strong... High Unreviewed
CVE-2019-4235 was published May 24, 2022
IBM Intelligent Operations Center V5.1.0 - V5.2.0, IBM Intelligent Operations Center for... High Unreviewed
CVE-2019-4321 was published May 24, 2022
Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before... High Unreviewed
CVE-2020-15369 was published May 24, 2022
In OpenEMR, versions 5.0.0 to 6.0.0.1 are vulnerable to weak password requirements as it does not... High Unreviewed
CVE-2021-25923 was published May 24, 2022
Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement... High Unreviewed
CVE-2022-29098 was published Jun 2, 2022
Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 utilizes a weak default admin password... High Unreviewed
CVE-2022-29729 was published Jun 3, 2022
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key... High Unreviewed
CVE-2022-30325 was published Jun 17, 2022
On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices,... High Unreviewed
CVE-2022-28377 was published Jul 15, 2022
BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a... High Unreviewed
CVE-2022-36301 was published Aug 2, 2022
Contract Management System v2.0 contains a weak default password which gives attackers to access... High Unreviewed
CVE-2022-35198 was published Aug 19, 2022
Tabit - password enumeration. Description: Tabit - password enumeration. The passwords for the... High Unreviewed
CVE-2022-34772 was published Aug 23, 2022
Missing password strength check in notrinos/notrinos-erp High
CVE-2022-2927 was published for notrinos/notrinos-erp (Composer) Aug 23, 2022
HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password... High Unreviewed
CVE-2022-27558 was published Aug 29, 2022
rdiffweb contains Weak Password Requirements High
CVE-2022-3179 was published for rdiffweb (pip) Sep 14, 2022
Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the... High Unreviewed
CVE-2022-43030 was published Nov 15, 2022
A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0... High Unreviewed
CVE-2021-39434 was published Dec 6, 2022
Froxlor contains Weak Password Requirements High
CVE-2023-0564 was published for froxlor/froxlor (Composer) Jan 29, 2023
Weak Password Requirements in thorsten/phpmyfaq High
CVE-2023-0793 was published for thorsten/phpmyfaq (Composer) Feb 12, 2023
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker... High Unreviewed
CVE-2022-45635 was published Mar 21, 2023
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by... High Unreviewed
CVE-2022-34333 was published Apr 7, 2023
Weak Password Requirements in calibreweb High
CVE-2023-2106 was published for calibreweb (pip) Apr 15, 2023
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which... High Unreviewed
CVE-2023-25072 was published May 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database