GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,642
Composer 4,232
Erlang 31
GitHub Actions 20
Go 1,991
Maven 5,179
npm 3,709
NuGet 661
pip 3,345
Pub 11
RubyGems 884
Rust 846
Swift 36

Unreviewed advisories

All unreviewed 234,891

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

146 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability was found in Smart Office up to 20240405. It has been classified as problematic.... Moderate Unreviewed

CVE-2024-3735 was published Apr 13, 2024

Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP web Management Weak password... Moderate Unreviewed

CVE-2024-51398 was published Nov 1, 2024

D-Link DSL6740C v6.TR069.20211230 was discovered to use an insecure default Wifi password,... Moderate Unreviewed

CVE-2024-48272 was published Oct 30, 2024

D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for... High Unreviewed

CVE-2024-48271 was published Oct 30, 2024

HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network... Moderate Unreviewed

CVE-2024-21865 was published Mar 25, 2024

In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute... High Unreviewed

CVE-2024-7293 was published Oct 9, 2024

In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static... Moderate Unreviewed

CVE-2024-45374 was published Sep 26, 2024

The goTenna Pro series uses a weak password for the QR broadcast message. If the QR broadcast... Moderate Unreviewed

CVE-2024-47121 was published Sep 26, 2024

CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password. High Unreviewed

CVE-2024-47221 was published Sep 22, 2024

Possible External Service Interaction attack in eDirectory has been discovered in OpenText™... High Unreviewed

CVE-2021-38133 was published Sep 12, 2024

An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via... Critical Unreviewed

CVE-2023-29974 was published Nov 8, 2023

A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote... High Unreviewed

CVE-2022-39997 was published Aug 27, 2024

An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords... High Unreviewed

CVE-2024-36789 was published Jun 7, 2024

IBM Common Licensing 9.0 does not require that users should have strong passwords by default,... High Unreviewed

CVE-2024-40697 was published Aug 13, 2024

A vulnerability has been identified in Location Intelligence family (All versions < V4.4).... Moderate Unreviewed

CVE-2024-41683 was published Aug 13, 2024

Philips Vue PACS does not require that users have strong passwords, which could make it easier... Moderate Unreviewed

CVE-2023-40539 was published Jul 18, 2024

Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to... High Unreviewed

CVE-2024-25729 was published Mar 8, 2024

An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain... Critical Unreviewed

CVE-2023-24049 was published Dec 5, 2023

An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the... High Unreviewed

CVE-2020-11925 was published May 24, 2022

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly... Moderate Unreviewed

CVE-2024-35137 was published Jun 28, 2024

An Unverified Password Change could allow a malicious actor with API access to the device to... Low Unreviewed

CVE-2024-29208 was published May 7, 2024

The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak... Moderate Unreviewed

CVE-2024-32213 was published May 1, 2024

The user management section of the web application permits the creation of user accounts with... High Unreviewed

CVE-2023-41923 was published Jul 2, 2024

The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks... Moderate Unreviewed

CVE-2018-5389 was published May 13, 2022

I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for... Critical Unreviewed

CVE-2023-37756 was published Sep 14, 2023

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

146 advisories