Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

166 advisories

Loading
Missing password strength check in notrinos/notrinos-erp High
CVE-2022-2927 was published for notrinos/notrinos-erp (Composer) Aug 23, 2022
Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) has a Weak... Critical Unreviewed
CVE-2022-44236 was published Dec 15, 2022
etcd has no minimum password length Moderate
CVE-2020-15115 was published for go.etcd.io/etcd/client/v3 (Go) Oct 6, 2022
BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a... High Unreviewed
CVE-2022-36301 was published Aug 2, 2022
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET... Critical Unreviewed
CVE-2022-31211 was published Jul 18, 2022
On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices,... High Unreviewed
CVE-2022-28377 was published Jul 15, 2022
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key... High Unreviewed
CVE-2022-30325 was published Jun 17, 2022
Weak default root user credentials allow remote attackers to easily obtain OS superuser... Critical Unreviewed
CVE-2022-1668 was published Jun 25, 2022
Weak Password Requirements in GitHub repository kromitgmbh/titra prior to 0.78.1. Critical Unreviewed
CVE-2022-2098 was published Jun 17, 2022
Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating... Critical Unreviewed
CVE-2020-26201 was published May 24, 2022
Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 utilizes a weak default admin password... High Unreviewed
CVE-2022-29729 was published Jun 3, 2022
Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement... High Unreviewed
CVE-2022-29098 was published Jun 2, 2022
Weak Password Requirements in UnboundID LDAP SDK Critical
CVE-2018-1000134 was published for com.unboundid:unboundid-ldapsdk (Maven) May 13, 2022
The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access... Critical Unreviewed
CVE-2022-1039 was published Apr 21, 2022
Weak Password Requirements in GitHub repository weseek/growi prior to v5.0.0. Moderate Unreviewed
CVE-2022-1236 was published Apr 6, 2022
phpMyFAQ has Weak Password Requirements Moderate
CVE-2023-0307 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database