Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

66 advisories

Loading
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow... High Unreviewed
CVE-2023-25184 was published May 10, 2023
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation... High Unreviewed
CVE-2023-2060 was published Jun 2, 2023
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered... High Unreviewed
CVE-2023-3089 was published Jul 5, 2023
There are no requirements for setting a complex password in the built-in web server of the SNAP... High Unreviewed
CVE-2023-40707 was published Aug 24, 2023
The user management section of the web application permits the creation of user accounts with... High Unreviewed
CVE-2023-41923 was published Jul 2, 2024
An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the... High Unreviewed
CVE-2020-11925 was published May 24, 2022
Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to... High Unreviewed
CVE-2024-25729 was published Mar 8, 2024
IBM Common Licensing 9.0 does not require that users should have strong passwords by default,... High Unreviewed
CVE-2024-40697 was published Aug 13, 2024
An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords... High Unreviewed
CVE-2024-36789 was published Jun 7, 2024
A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote... High Unreviewed
CVE-2022-39997 was published Aug 27, 2024
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™... High Unreviewed
CVE-2021-38133 was published Sep 12, 2024
CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password. High Unreviewed
CVE-2024-47221 was published Sep 22, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute... High Unreviewed
CVE-2024-7293 was published Oct 9, 2024
Plone allows weak passwords High
CVE-2020-7940 was published for Plone (pip) May 24, 2022
rdiffweb contains Weak Password Requirements High
CVE-2022-3179 was published for rdiffweb (pip) Sep 14, 2022
D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for... High Unreviewed
CVE-2024-48271 was published Oct 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database