Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
656
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

66 advisories

Loading
D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for... High Unreviewed
CVE-2024-48271 was published Oct 30, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute... High Unreviewed
CVE-2024-7293 was published Oct 9, 2024
CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password. High Unreviewed
CVE-2024-47221 was published Sep 22, 2024
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™... High Unreviewed
CVE-2021-38133 was published Sep 12, 2024
A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote... High Unreviewed
CVE-2022-39997 was published Aug 27, 2024
IBM Common Licensing 9.0 does not require that users should have strong passwords by default,... High Unreviewed
CVE-2024-40697 was published Aug 13, 2024
The user management section of the web application permits the creation of user accounts with... High Unreviewed
CVE-2023-41923 was published Jul 2, 2024
An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords... High Unreviewed
CVE-2024-36789 was published Jun 7, 2024
Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to... High Unreviewed
CVE-2024-25729 was published Mar 8, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... High Unreviewed
CVE-2023-43016 was published Feb 3, 2024
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote... High Unreviewed
CVE-2023-41353 was published Nov 3, 2023
There are no requirements for setting a complex password in the built-in web server of the SNAP... High Unreviewed
CVE-2023-40707 was published Aug 24, 2023
Answer has Weak Password Requirements High
CVE-2023-4125 was published for github.com/answerdev/answer (Go) Aug 3, 2023
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered... High Unreviewed
CVE-2023-3089 was published Jul 5, 2023
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation... High Unreviewed
CVE-2023-2060 was published Jun 2, 2023
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which... High Unreviewed
CVE-2023-25072 was published May 10, 2023
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow... High Unreviewed
CVE-2023-25184 was published May 10, 2023
Weak Password Requirements in calibreweb High
CVE-2023-2106 was published for calibreweb (pip) Apr 15, 2023
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by... High Unreviewed
CVE-2022-34333 was published Apr 7, 2023
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker... High Unreviewed
CVE-2022-45635 was published Mar 21, 2023
Weak Password Requirements in thorsten/phpmyfaq High
CVE-2023-0793 was published for thorsten/phpmyfaq (Composer) Feb 12, 2023
Froxlor contains Weak Password Requirements High
CVE-2023-0564 was published for froxlor/froxlor (Composer) Jan 29, 2023
A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0... High Unreviewed
CVE-2021-39434 was published Dec 6, 2022
Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the... High Unreviewed
CVE-2022-43030 was published Nov 15, 2022
rdiffweb contains Weak Password Requirements High
CVE-2022-3179 was published for rdiffweb (pip) Sep 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database