Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

166 advisories

Loading
IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 does not require that docker... Moderate Unreviewed
CVE-2023-38369 was published Feb 7, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... High Unreviewed
CVE-2023-43016 was published Feb 3, 2024
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1... Moderate Unreviewed
CVE-2024-0676 was published Jan 30, 2024
A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as... Low Unreviewed
CVE-2024-0347 was published Jan 10, 2024
In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new... Critical Unreviewed
CVE-2023-49238 was published Jan 9, 2024
A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer... Low Unreviewed
CVE-2024-0188 was published Jan 2, 2024
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been declared as... Low Unreviewed
CVE-2023-7053 was published Dec 22, 2023
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain... Critical Unreviewed
CVE-2023-24049 was published Dec 5, 2023
An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via... Critical Unreviewed
CVE-2023-29974 was published Nov 8, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote... High Unreviewed
CVE-2023-41353 was published Nov 3, 2023
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the... Critical Unreviewed
CVE-2023-37503 was published Oct 19, 2023
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for... Critical Unreviewed
CVE-2023-37756 was published Sep 14, 2023
There are no requirements for setting a complex password in the built-in web server of the SNAP... High Unreviewed
CVE-2023-40707 was published Aug 24, 2023
Answer has Weak Password Requirements High
CVE-2023-4125 was published for github.com/answerdev/answer (Go) Aug 3, 2023
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password... Moderate Unreviewed
CVE-2023-3470 was published Aug 2, 2023
There are no requirements for setting a complex password for PiiGAB M-Bus, which... Critical Unreviewed
CVE-2023-34995 was published Jul 7, 2023
Apache InLong has Weak Password Requirements in Apache InLong Critical
CVE-2023-31098 was published for org.apache.inlong:manager-pojo (Maven) Jul 6, 2023
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered... High Unreviewed
CVE-2023-3089 was published Jul 5, 2023
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1... Moderate Unreviewed
CVE-2023-3423 was published Jun 27, 2023
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation... High Unreviewed
CVE-2023-2060 was published Jun 2, 2023
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which... High Unreviewed
CVE-2023-25072 was published May 10, 2023
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow... High Unreviewed
CVE-2023-25184 was published May 10, 2023
Modoboa has Weak Password Requirements Moderate
CVE-2023-2160 was published for modoboa (pip) Apr 18, 2023
Weak Password Requirements in calibreweb High
CVE-2023-2106 was published for calibreweb (pip) Apr 15, 2023
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by... High Unreviewed
CVE-2022-34333 was published Apr 7, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database