Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

48 advisories

Loading
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800... Moderate Unreviewed
CVE-2024-22068 was published Oct 10, 2024
Electra Central AC unit – The unit opens an AP with an easily calculated password. Moderate Unreviewed
CVE-2023-24502 was published Jul 6, 2023
TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the... Moderate Unreviewed
CVE-2019-18988 was published May 24, 2022
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords... Moderate Unreviewed
CVE-2023-37398 was published Jan 29, 2025
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords... Moderate Unreviewed
CVE-2023-35907 was published Jan 29, 2025
HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak... Moderate Unreviewed
CVE-2024-42173 was published Jan 11, 2025
rdiffweb allows a new password to be the same as the previous password Moderate
CVE-2022-3376 was published for rdiffweb (pip) Oct 6, 2022
A vulnerability was found in Smart Office up to 20240405. It has been classified as problematic.... Moderate Unreviewed
CVE-2024-3735 was published Apr 13, 2024
Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP web Management Weak password... Moderate Unreviewed
CVE-2024-51398 was published Nov 1, 2024
D-Link DSL6740C v6.TR069.20211230 was discovered to use an insecure default Wifi password,... Moderate Unreviewed
CVE-2024-48272 was published Oct 30, 2024
HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network... Moderate Unreviewed
CVE-2024-21865 was published Mar 25, 2024
rdiffweb vulnerable to password complexity bypass leading to weak passwords Moderate
CVE-2022-3326 was published for rdiffweb (pip) Sep 30, 2022
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static... Moderate Unreviewed
CVE-2024-45374 was published Sep 26, 2024
The goTenna Pro series uses a weak password for the QR broadcast message. If the QR broadcast... Moderate Unreviewed
CVE-2024-47121 was published Sep 26, 2024
Modoboa has Weak Password Requirements Moderate
CVE-2023-2160 was published for modoboa (pip) Apr 18, 2023
A vulnerability has been identified in Location Intelligence family (All versions < V4.4).... Moderate Unreviewed
CVE-2024-41683 was published Aug 13, 2024
Philips Vue PACS does not require that users have strong passwords, which could make it easier... Moderate Unreviewed
CVE-2023-40539 was published Jul 18, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly... Moderate Unreviewed
CVE-2024-35137 was published Jun 28, 2024
The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak... Moderate Unreviewed
CVE-2024-32213 was published May 1, 2024
The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks... Moderate Unreviewed
CVE-2018-5389 was published May 13, 2022
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password... Moderate Unreviewed
CVE-2023-3470 was published Aug 2, 2023
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-22355 was published Mar 3, 2024
IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have... Moderate Unreviewed
CVE-2023-50305 was published Mar 1, 2024
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability... Moderate Unreviewed
CVE-2024-1346 was published Feb 19, 2024
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability... Moderate Unreviewed
CVE-2024-1345 was published Feb 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database