GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
170 advisories
Filter by severity
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which...
High
Unreviewed
CVE-2023-25072
was published
May 10, 2023
Modoboa has Weak Password Requirements
Moderate
CVE-2023-2160
was published
for
modoboa
(pip)
Apr 18, 2023
Weak Password Requirements in calibreweb
High
CVE-2023-2106
was published
for
calibreweb
(pip)
Apr 15, 2023
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by...
High
Unreviewed
CVE-2022-34333
was published
Apr 7, 2023
phpMyFAQ has weak password requirements
Moderate
CVE-2023-1753
was published
for
thorsten/phpmyfaq
(Composer)
Mar 31, 2023
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker...
High
Unreviewed
CVE-2022-45635
was published
Mar 21, 2023
An issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0...
Moderate
Unreviewed
CVE-2021-36689
was published
Mar 4, 2023
Weak Password Requirements in thorsten/phpmyfaq
High
CVE-2023-0793
was published
for
thorsten/phpmyfaq
(Composer)
Feb 12, 2023
A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been...
Critical
Unreviewed
CVE-2023-0641
was published
Feb 2, 2023
A CWE-521: Weak Password Requirements vulnerability exists that could allow an attacker to gain...
Critical
Unreviewed
CVE-2022-32513
was published
Jan 31, 2023
Publify contains Weak Password Requirements
Moderate
CVE-2023-0569
was published
for
publify_core
(RubyGems)
Jan 29, 2023
Froxlor contains Weak Password Requirements
High
CVE-2023-0564
was published
for
froxlor/froxlor
(Composer)
Jan 29, 2023
phpMyFAQ has Weak Password Requirements
Moderate
CVE-2023-0307
was published
for
thorsten/phpmyfaq
(Composer)
Jan 16, 2023
Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) has a Weak...
Critical
Unreviewed
CVE-2022-44236
was published
Dec 15, 2022
A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0...
High
Unreviewed
CVE-2021-39434
was published
Dec 6, 2022
Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting,...
Critical
Unreviewed
CVE-2022-45482
was published
Dec 2, 2022
Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the...
High
Unreviewed
CVE-2022-43030
was published
Nov 15, 2022
phpMyFAQ contains Weak Password Requirements
Critical
CVE-2022-3754
was published
for
thorsten/phpmyfaq
(Composer)
Oct 29, 2022
etcd has no minimum password length
Moderate
CVE-2020-15115
was published
for
go.etcd.io/etcd/client/v3
(Go)
Oct 6, 2022
rdiffweb allows a new password to be the same as the previous password
Moderate
CVE-2022-3376
was published
for
rdiffweb
(pip)
Oct 6, 2022
rdiffweb vulnerable to password complexity bypass leading to weak passwords
Moderate
CVE-2022-3326
was published
for
rdiffweb
(pip)
Sep 30, 2022
Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2.
Critical
Unreviewed
CVE-2022-3268
was published
Sep 23, 2022
rdiffweb contains Weak Password Requirements
High
CVE-2022-3179
was published
for
rdiffweb
(pip)
Sep 14, 2022
Inoda OnTrack v3.4 employs a weak password policy which allows attackers to potentially gain...
Critical
Unreviewed
CVE-2022-37164
was published
Sep 9, 2022
Bminusl IHateToBudget v1.5.7 employs a weak password policy which allows attackers to potentially...
Critical
Unreviewed
CVE-2022-37163
was published
Sep 9, 2022
ProTip!
Advisories are also available from the
GraphQL API