Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

170 advisories

Loading
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-22355 was published Mar 3, 2024
IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have... Moderate Unreviewed
CVE-2023-50305 was published Mar 1, 2024
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability... Moderate Unreviewed
CVE-2024-1345 was published Feb 19, 2024
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability... Moderate Unreviewed
CVE-2024-1346 was published Feb 19, 2024
IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 does not require that docker... Moderate Unreviewed
CVE-2023-38369 was published Feb 7, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... High Unreviewed
CVE-2023-43016 was published Feb 3, 2024
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1... Moderate Unreviewed
CVE-2024-0676 was published Jan 30, 2024
A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as... Low Unreviewed
CVE-2024-0347 was published Jan 10, 2024
In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new... Critical Unreviewed
CVE-2023-49238 was published Jan 9, 2024
A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer... Low Unreviewed
CVE-2024-0188 was published Jan 2, 2024
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been declared as... Low Unreviewed
CVE-2023-7053 was published Dec 22, 2023
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain... Critical Unreviewed
CVE-2023-24049 was published Dec 5, 2023
An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via... Critical Unreviewed
CVE-2023-29974 was published Nov 8, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote... High Unreviewed
CVE-2023-41353 was published Nov 3, 2023
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the... Critical Unreviewed
CVE-2023-37503 was published Oct 19, 2023
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for... Critical Unreviewed
CVE-2023-37756 was published Sep 14, 2023
There are no requirements for setting a complex password in the built-in web server of the SNAP... High Unreviewed
CVE-2023-40707 was published Aug 24, 2023
Answer has Weak Password Requirements High
CVE-2023-4125 was published for github.com/answerdev/answer (Go) Aug 3, 2023
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password... Moderate Unreviewed
CVE-2023-3470 was published Aug 2, 2023
There are no requirements for setting a complex password for PiiGAB M-Bus, which... Critical Unreviewed
CVE-2023-34995 was published Jul 7, 2023
Apache InLong has Weak Password Requirements in Apache InLong Critical
CVE-2023-31098 was published for org.apache.inlong:manager-pojo (Maven) Jul 6, 2023
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered... High Unreviewed
CVE-2023-3089 was published Jul 5, 2023
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1... Moderate Unreviewed
CVE-2023-3423 was published Jun 27, 2023
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation... High Unreviewed
CVE-2023-2060 was published Jun 2, 2023
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow... High Unreviewed
CVE-2023-25184 was published May 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database