Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

176 advisories

Loading
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800... Moderate Unreviewed
CVE-2024-22068 was published Oct 10, 2024
Electra Central AC unit – The unit opens an AP with an easily calculated password. Moderate Unreviewed
CVE-2023-24502 was published Jul 6, 2023
TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the... Moderate Unreviewed
CVE-2019-18988 was published May 24, 2022
EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in... High Unreviewed
CVE-2023-31043 was published Apr 23, 2023
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords... Moderate Unreviewed
CVE-2023-37398 was published Jan 29, 2025
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords... Moderate Unreviewed
CVE-2023-35907 was published Jan 29, 2025
HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak... Moderate Unreviewed
CVE-2024-42173 was published Jan 11, 2025
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity... High Unreviewed
CVE-2025-22390 was published Jan 4, 2025
Default Credentail vulnerabilities allows access to an Aspect device using publicly available... Critical Unreviewed
CVE-2024-51555 was published Dec 5, 2024
Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of... Critical Unreviewed
CVE-2024-48845 was published Dec 5, 2024
rdiffweb allows a new password to be the same as the previous password Moderate
CVE-2022-3376 was published for rdiffweb (pip) Oct 6, 2022
A vulnerability was found in Smart Office up to 20240405. It has been classified as problematic.... Moderate Unreviewed
CVE-2024-3735 was published Apr 13, 2024
Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP web Management Weak password... Moderate Unreviewed
CVE-2024-51398 was published Nov 1, 2024
D-Link DSL6740C v6.TR069.20211230 was discovered to use an insecure default Wifi password,... Moderate Unreviewed
CVE-2024-48272 was published Oct 30, 2024
D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for... High Unreviewed
CVE-2024-48271 was published Oct 30, 2024
HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network... Moderate Unreviewed
CVE-2024-21865 was published Mar 25, 2024
rdiffweb vulnerable to password complexity bypass leading to weak passwords Moderate
CVE-2022-3326 was published for rdiffweb (pip) Sep 30, 2022
rdiffweb contains Weak Password Requirements High
CVE-2022-3179 was published for rdiffweb (pip) Sep 14, 2022
Plone allows weak passwords High
CVE-2020-7940 was published for Plone (pip) May 24, 2022
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute... High Unreviewed
CVE-2024-7293 was published Oct 9, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static... Moderate Unreviewed
CVE-2024-45374 was published Sep 26, 2024
The goTenna Pro series uses a weak password for the QR broadcast message. If the QR broadcast... Moderate Unreviewed
CVE-2024-47121 was published Sep 26, 2024
Modoboa has Weak Password Requirements Moderate
CVE-2023-2160 was published for modoboa (pip) Apr 18, 2023
CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password. High Unreviewed
CVE-2024-47221 was published Sep 22, 2024
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™... High Unreviewed
CVE-2021-38133 was published Sep 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database