Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,359
Erlang
33
GitHub Actions
22
Go
2,124
Maven
5,000+
npm
3,787
NuGet
683
pip
3,467
Pub
12
RubyGems
894
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

68 advisories

Loading
EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in... High Unreviewed
CVE-2023-31043 was published Apr 23, 2023
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity... High Unreviewed
CVE-2025-22390 was published Jan 4, 2025
D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for... High Unreviewed
CVE-2024-48271 was published Oct 30, 2024
rdiffweb contains Weak Password Requirements High
CVE-2022-3179 was published for rdiffweb (pip) Sep 14, 2022
Plone allows weak passwords High
CVE-2020-7940 was published for Plone (pip) May 24, 2022
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute... High Unreviewed
CVE-2024-7293 was published Oct 9, 2024
CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password. High Unreviewed
CVE-2024-47221 was published Sep 22, 2024
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™... High Unreviewed
CVE-2021-38133 was published Sep 12, 2024
A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote... High Unreviewed
CVE-2022-39997 was published Aug 27, 2024
An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords... High Unreviewed
CVE-2024-36789 was published Jun 7, 2024
IBM Common Licensing 9.0 does not require that users should have strong passwords by default,... High Unreviewed
CVE-2024-40697 was published Aug 13, 2024
Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to... High Unreviewed
CVE-2024-25729 was published Mar 8, 2024
An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the... High Unreviewed
CVE-2020-11925 was published May 24, 2022
The user management section of the web application permits the creation of user accounts with... High Unreviewed
CVE-2023-41923 was published Jul 2, 2024
There are no requirements for setting a complex password in the built-in web server of the SNAP... High Unreviewed
CVE-2023-40707 was published Aug 24, 2023
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered... High Unreviewed
CVE-2023-3089 was published Jul 5, 2023
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation... High Unreviewed
CVE-2023-2060 was published Jun 2, 2023
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow... High Unreviewed
CVE-2023-25184 was published May 10, 2023
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which... High Unreviewed
CVE-2023-25072 was published May 10, 2023
Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set... High Unreviewed
CVE-2019-18872 was published May 24, 2022
gpw generates shorter passwords than required High Unreviewed
CVE-2011-4931 was published Apr 22, 2022
In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote... High Unreviewed
CVE-2020-11966 was published May 24, 2022
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... High Unreviewed
CVE-2023-43016 was published Feb 3, 2024
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote... High Unreviewed
CVE-2023-41353 was published Nov 3, 2023
Answer has Weak Password Requirements High
CVE-2023-4125 was published for github.com/answerdev/answer (Go) Aug 3, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database