GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
166 advisories
Filter by severity
An access control vulnerability in Hame SD1 Wi-Fi firmware <=V.20140224154640 allows an attacker...
Critical
Unreviewed
CVE-2021-26797
was published
May 24, 2022
A weak password requirement vulnerability exists in the Create New User function of MintHCM...
Critical
Unreviewed
CVE-2021-25839
was published
May 24, 2022
An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the...
High
Unreviewed
CVE-2020-11925
was published
May 24, 2022
Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external...
Moderate
Unreviewed
CVE-2020-8296
was published
May 24, 2022
The built-in web service for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower does not...
High
Unreviewed
CVE-2020-25153
was published
May 24, 2022
Versions of the Official registry Docker images through 2.7.0 contain a blank password for the...
Critical
Unreviewed
CVE-2020-29591
was published
May 24, 2022
Versions of the Official teamspeak Docker images through 3.6.0 contain a blank password for the...
Critical
Unreviewed
CVE-2020-29590
was published
May 24, 2022
Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating...
Critical
Unreviewed
CVE-2020-26201
was published
May 24, 2022
Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access...
Moderate
Unreviewed
CVE-2020-27587
was published
May 24, 2022
Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify...
Moderate
Unreviewed
CVE-2020-27585
was published
May 24, 2022
Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users'...
Low
Unreviewed
CVE-2020-8956
was published
May 24, 2022
IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by...
Moderate
Unreviewed
CVE-2020-4574
was published
May 24, 2022
Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set...
High
Unreviewed
CVE-2019-18872
was published
May 24, 2022
The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has weak...
High
Unreviewed
CVE-2020-8790
was published
May 24, 2022
In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote...
High
Unreviewed
CVE-2020-11966
was published
May 24, 2022
eSOMS versions 4.0 to 6.0.3 do not enforce password complexity settings, potentially resulting in...
Moderate
Unreviewed
CVE-2019-19093
was published
May 24, 2022
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a...
Low
Unreviewed
CVE-2020-8632
was published
May 24, 2022
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability....
Critical
Unreviewed
CVE-2019-3758
was published
May 24, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1)....
Critical
Unreviewed
CVE-2019-13918
was published
May 24, 2022
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not require that users should...
High
Unreviewed
CVE-2019-4067
was published
May 24, 2022
Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud...
Critical
Unreviewed
CVE-2019-9950
was published
May 24, 2022
Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2.
Critical
Unreviewed
CVE-2022-1775
was published
May 21, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application...
Critical
Unreviewed
CVE-2018-19064
was published
May 13, 2022
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04...
High
Unreviewed
CVE-2018-18562
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API