Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

166 advisories

Loading
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly... Moderate Unreviewed
CVE-2024-35137 was published Jun 28, 2024
An Unverified Password Change could allow a malicious actor with API access to the device to... Low Unreviewed
CVE-2024-29208 was published May 7, 2024
The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak... Moderate Unreviewed
CVE-2024-32213 was published May 1, 2024
The user management section of the web application permits the creation of user accounts with... High Unreviewed
CVE-2023-41923 was published Jul 2, 2024
The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks... Moderate Unreviewed
CVE-2018-5389 was published May 13, 2022
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for... Critical Unreviewed
CVE-2023-37756 was published Sep 14, 2023
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the... Critical Unreviewed
CVE-2023-37503 was published Oct 19, 2023
There are no requirements for setting a complex password in the built-in web server of the SNAP... High Unreviewed
CVE-2023-40707 was published Aug 24, 2023
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password... Moderate Unreviewed
CVE-2023-3470 was published Aug 2, 2023
There are no requirements for setting a complex password for PiiGAB M-Bus, which... Critical Unreviewed
CVE-2023-34995 was published Jul 7, 2023
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered... High Unreviewed
CVE-2023-3089 was published Jul 5, 2023
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation... High Unreviewed
CVE-2023-2060 was published Jun 2, 2023
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which... High Unreviewed
CVE-2023-25072 was published May 10, 2023
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow... High Unreviewed
CVE-2023-25184 was published May 10, 2023
Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set... High Unreviewed
CVE-2019-18872 was published May 24, 2022
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability.... Critical Unreviewed
CVE-2019-3758 was published May 24, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1).... Critical Unreviewed
CVE-2019-13918 was published May 24, 2022
Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud... Critical Unreviewed
CVE-2019-9950 was published May 24, 2022
gpw generates shorter passwords than required High Unreviewed
CVE-2011-4931 was published Apr 22, 2022
In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote... High Unreviewed
CVE-2020-11966 was published May 24, 2022
** DISPUTED ** An issue was discovered in SMA Solar Technology products. All inverters have a... Critical Unreviewed
CVE-2017-9853 was published May 13, 2022
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-22355 was published Mar 3, 2024
IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have... Moderate Unreviewed
CVE-2023-50305 was published Mar 1, 2024
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability... Moderate Unreviewed
CVE-2024-1345 was published Feb 19, 2024
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability... Moderate Unreviewed
CVE-2024-1346 was published Feb 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database