Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

166 advisories

Loading
IBM Security Key Lifecycle Manager 3.0 and 3.0.1 does not require that users should have strong... Moderate Unreviewed
CVE-2019-4565 was published May 24, 2022
A flaw was found in Samba, all versions starting samba 4.5.0 until samba 4.9.15, samba 4.10.10,... Moderate Unreviewed
CVE-2019-14833 was published May 24, 2022
Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before... High Unreviewed
CVE-2020-15369 was published May 24, 2022
In OpenEMR, versions 5.0.0 to 6.0.0.1 are vulnerable to weak password requirements as it does not... High Unreviewed
CVE-2021-25923 was published May 24, 2022
Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement... High Unreviewed
CVE-2022-29098 was published Jun 2, 2022
Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 utilizes a weak default admin password... High Unreviewed
CVE-2022-29729 was published Jun 3, 2022
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key... High Unreviewed
CVE-2022-30325 was published Jun 17, 2022
Weak Password Requirements in GitHub repository kromitgmbh/titra prior to 0.78.1. Critical Unreviewed
CVE-2022-2098 was published Jun 17, 2022
Weak default root user credentials allow remote attackers to easily obtain OS superuser... Critical Unreviewed
CVE-2022-1668 was published Jun 25, 2022
On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices,... High Unreviewed
CVE-2022-28377 was published Jul 15, 2022
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET... Critical Unreviewed
CVE-2022-31211 was published Jul 18, 2022
BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a... High Unreviewed
CVE-2022-36301 was published Aug 2, 2022
Raneto v0.17.0 employs weak password complexity requirements Critical
CVE-2022-35143 was published for raneto (npm) Aug 5, 2022
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have... Critical Unreviewed
CVE-2022-35280 was published Aug 11, 2022
Contract Management System v2.0 contains a weak default password which gives attackers to access... High Unreviewed
CVE-2022-35198 was published Aug 19, 2022
Mealie 1.0.0beta3 employs weak password requirements which allows attackers to potentially gain... Critical Unreviewed
CVE-2022-34615 was published Aug 20, 2022
Tabit - password enumeration. Description: Tabit - password enumeration. The passwords for the... High Unreviewed
CVE-2022-34772 was published Aug 23, 2022
Missing password strength check in notrinos/notrinos-erp High
CVE-2022-2927 was published for notrinos/notrinos-erp (Composer) Aug 23, 2022
RuoYi v3.8.3 has a Weak password vulnerability in the management system. Critical Unreviewed
CVE-2022-37158 was published Aug 26, 2022
HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password... High Unreviewed
CVE-2022-27558 was published Aug 29, 2022
Bminusl IHateToBudget v1.5.7 employs a weak password policy which allows attackers to potentially... Critical Unreviewed
CVE-2022-37163 was published Sep 9, 2022
Inoda OnTrack v3.4 employs a weak password policy which allows attackers to potentially gain... Critical Unreviewed
CVE-2022-37164 was published Sep 9, 2022
rdiffweb contains Weak Password Requirements High
CVE-2022-3179 was published for rdiffweb (pip) Sep 14, 2022
Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2. Critical Unreviewed
CVE-2022-3268 was published Sep 23, 2022
rdiffweb vulnerable to password complexity bypass leading to weak passwords Moderate
CVE-2022-3326 was published for rdiffweb (pip) Sep 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database