Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
656
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

41 advisories

Loading
Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP web Management Weak password... Moderate Unreviewed
CVE-2024-51398 was published Nov 1, 2024
D-Link DSL6740C v6.TR069.20211230 was discovered to use an insecure default Wifi password,... Moderate Unreviewed
CVE-2024-48272 was published Oct 30, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static... Moderate Unreviewed
CVE-2024-45374 was published Sep 26, 2024
The goTenna Pro series uses a weak password for the QR broadcast message. If the QR broadcast... Moderate Unreviewed
CVE-2024-47121 was published Sep 26, 2024
A vulnerability has been identified in Location Intelligence family (All versions < V4.4).... Moderate Unreviewed
CVE-2024-41683 was published Aug 13, 2024
Philips Vue PACS does not require that users have strong passwords, which could make it easier... Moderate Unreviewed
CVE-2023-40539 was published Jul 18, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly... Moderate Unreviewed
CVE-2024-35137 was published Jun 28, 2024
The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak... Moderate Unreviewed
CVE-2024-32213 was published May 1, 2024
HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network... Moderate Unreviewed
CVE-2024-21865 was published Mar 25, 2024
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-22355 was published Mar 3, 2024
IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have... Moderate Unreviewed
CVE-2023-50305 was published Mar 1, 2024
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability... Moderate Unreviewed
CVE-2024-1345 was published Feb 19, 2024
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability... Moderate Unreviewed
CVE-2024-1346 was published Feb 19, 2024
IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 does not require that docker... Moderate Unreviewed
CVE-2023-38369 was published Feb 7, 2024
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1... Moderate Unreviewed
CVE-2024-0676 was published Jan 30, 2024
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password... Moderate Unreviewed
CVE-2023-3470 was published Aug 2, 2023
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1... Moderate Unreviewed
CVE-2023-3423 was published Jun 27, 2023
Modoboa has Weak Password Requirements Moderate
CVE-2023-2160 was published for modoboa (pip) Apr 18, 2023
phpMyFAQ has weak password requirements Moderate
CVE-2023-1753 was published for thorsten/phpmyfaq (Composer) Mar 31, 2023
An issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0... Moderate Unreviewed
CVE-2021-36689 was published Mar 4, 2023
Publify contains Weak Password Requirements Moderate
CVE-2023-0569 was published for publify_core (RubyGems) Jan 29, 2023
phpMyFAQ has Weak Password Requirements Moderate
CVE-2023-0307 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023
etcd has no minimum password length Moderate
CVE-2020-15115 was published for go.etcd.io/etcd/client/v3 (Go) Oct 6, 2022
rdiffweb allows a new password to be the same as the previous password Moderate
CVE-2022-3376 was published for rdiffweb (pip) Oct 6, 2022
rdiffweb vulnerable to password complexity bypass leading to weak passwords Moderate
CVE-2022-3326 was published for rdiffweb (pip) Sep 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database