Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

170 advisories

Loading
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability.... Critical Unreviewed
CVE-2019-3758 was published May 24, 2022
Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set... High Unreviewed
CVE-2019-18872 was published May 24, 2022
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow... High Unreviewed
CVE-2023-25184 was published May 10, 2023
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which... High Unreviewed
CVE-2023-25072 was published May 10, 2023
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation... High Unreviewed
CVE-2023-2060 was published Jun 2, 2023
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered... High Unreviewed
CVE-2023-3089 was published Jul 5, 2023
There are no requirements for setting a complex password for PiiGAB M-Bus, which... Critical Unreviewed
CVE-2023-34995 was published Jul 7, 2023
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password... Moderate Unreviewed
CVE-2023-3470 was published Aug 2, 2023
There are no requirements for setting a complex password in the built-in web server of the SNAP... High Unreviewed
CVE-2023-40707 was published Aug 24, 2023
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the... Critical Unreviewed
CVE-2023-37503 was published Oct 19, 2023
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for... Critical Unreviewed
CVE-2023-37756 was published Sep 14, 2023
The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks... Moderate Unreviewed
CVE-2018-5389 was published May 13, 2022
The user management section of the web application permits the creation of user accounts with... High Unreviewed
CVE-2023-41923 was published Jul 2, 2024
The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak... Moderate Unreviewed
CVE-2024-32213 was published May 1, 2024
An Unverified Password Change could allow a malicious actor with API access to the device to... Low Unreviewed
CVE-2024-29208 was published May 7, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly... Moderate Unreviewed
CVE-2024-35137 was published Jun 28, 2024
An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the... High Unreviewed
CVE-2020-11925 was published May 24, 2022
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain... Critical Unreviewed
CVE-2023-24049 was published Dec 5, 2023
Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to... High Unreviewed
CVE-2024-25729 was published Mar 8, 2024
Philips Vue PACS does not require that users have strong passwords, which could make it easier... Moderate Unreviewed
CVE-2023-40539 was published Jul 18, 2024
A vulnerability has been identified in Location Intelligence family (All versions < V4.4).... Moderate Unreviewed
CVE-2024-41683 was published Aug 13, 2024
IBM Common Licensing 9.0 does not require that users should have strong passwords by default,... High Unreviewed
CVE-2024-40697 was published Aug 13, 2024
An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords... High Unreviewed
CVE-2024-36789 was published Jun 7, 2024
Silverpeas vulnerable to password complexity rule bypass Low
CVE-2024-42850 was published for org.silverpeas.core:silverpeas-core (Maven) Aug 16, 2024
A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote... High Unreviewed
CVE-2022-39997 was published Aug 27, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database