GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,218
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
64 advisories
Filter by severity
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), the...
Critical
Unreviewed
CVE-2020-12069
was published
Dec 26, 2022
Weak password hashing using MD5 in funzioni.php in HotelDruid before 1.32 allows an attacker to...
High
Unreviewed
CVE-2024-23091
was published
Jul 30, 2024
An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. A...
High
Unreviewed
CVE-2019-20466
was published
May 24, 2022
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the...
High
Unreviewed
CVE-2024-3183
was published
Jun 12, 2024
Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could...
Unknown
Unreviewed
CVE-2024-24553
was published
Jun 24, 2024
A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting...
Low
Unreviewed
CVE-2024-21754
was published
Jun 11, 2024
class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating...
Critical
Unreviewed
CVE-2019-19735
was published
May 24, 2022
The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an...
High
Unreviewed
CVE-2023-31412
was published
Aug 24, 2023
PiiGAB M-Bus stores passwords using a weak hash algorithm.
Critical
Unreviewed
CVE-2023-34433
was published
Jul 7, 2023
RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows...
High
Unreviewed
CVE-2023-33243
was published
Jun 15, 2023
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05...
Critical
Unreviewed
CVE-2019-17216
was published
May 24, 2022
UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a...
Moderate
Unreviewed
CVE-2019-12737
was published
May 24, 2022
** UNSUPPPORTED WHEN ASSIGNED ** Vulnerability in ekorCCP and ekorRCI that could allow an...
Moderate
Unreviewed
CVE-2022-47557
was published
Sep 19, 2023
A vulnerability classified as problematic was found in Musicshelf 1.0/1.1 on Android. Affected by...
Low
Unreviewed
CVE-2024-2365
was published
Mar 11, 2024
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40...
Moderate
Unreviewed
CVE-2008-1526
was published
May 1, 2022
Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting...
High
Unreviewed
CVE-2001-0967
was published
Apr 30, 2022
The default password hashing algorithm (PBKDF2-HMAC-SHA1) in Liferay Portal 7.2.0 through 7.4.3...
High
Unreviewed
CVE-2024-25607
was published
Feb 20, 2024
PostgreSQL uses the username for a salt when generating passwords, which makes it easier for...
Moderate
Unreviewed
CVE-2002-1657
was published
Apr 30, 2022
CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the...
High
Unreviewed
CVE-2005-0408
was published
May 1, 2022
BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local...
Low
Unreviewed
CVE-2006-1058
was published
May 1, 2022
The Priva TopControl Suite contains predictable credentials for the SSH service, based on the...
High
Unreviewed
CVE-2022-3010
was published
Jan 2, 2024
A vulnerability classified as problematic was found in Supcon InPlant SCADA up to 20230901....
Low
Unreviewed
CVE-2023-4986
was published
Sep 15, 2023
Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers...
High
Unreviewed
CVE-2023-5846
was published
Nov 2, 2023
The application was vulnerable to an authenticated information disclosure, allowing...
Moderate
Unreviewed
CVE-2022-40295
was published
Nov 1, 2022
AMI Megarac Weak password hashes for Redfish & API
Moderate
Unreviewed
CVE-2022-40258
was published
Jan 31, 2023
ProTip!
Advisories are also available from the
GraphQL API