GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
58 advisories
Filter by severity
D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for...
High
Unreviewed
CVE-2024-48271
was published
Oct 30, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute...
High
Unreviewed
CVE-2024-7293
was published
Oct 9, 2024
CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password.
High
Unreviewed
CVE-2024-47221
was published
Sep 22, 2024
Possible
External Service Interaction attack
in eDirectory has been discovered in
OpenText™...
High
Unreviewed
CVE-2021-38133
was published
Sep 12, 2024
A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote...
High
Unreviewed
CVE-2022-39997
was published
Aug 27, 2024
An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords...
High
Unreviewed
CVE-2024-36789
was published
Jun 7, 2024
IBM Common Licensing 9.0 does not require that users should have strong passwords by default,...
High
Unreviewed
CVE-2024-40697
was published
Aug 13, 2024
Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to...
High
Unreviewed
CVE-2024-25729
was published
Mar 8, 2024
An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the...
High
Unreviewed
CVE-2020-11925
was published
May 24, 2022
The user management section of the web application permits the creation of user accounts with...
High
Unreviewed
CVE-2023-41923
was published
Jul 2, 2024
There are no requirements for setting a complex password in the built-in web server of the SNAP...
High
Unreviewed
CVE-2023-40707
was published
Aug 24, 2023
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered...
High
Unreviewed
CVE-2023-3089
was published
Jul 5, 2023
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation...
High
Unreviewed
CVE-2023-2060
was published
Jun 2, 2023
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which...
High
Unreviewed
CVE-2023-25072
was published
May 10, 2023
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow...
High
Unreviewed
CVE-2023-25184
was published
May 10, 2023
Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set...
High
Unreviewed
CVE-2019-18872
was published
May 24, 2022
gpw generates shorter passwords than required
High
Unreviewed
CVE-2011-4931
was published
Apr 22, 2022
In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote...
High
Unreviewed
CVE-2020-11966
was published
May 24, 2022
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
High
Unreviewed
CVE-2023-43016
was published
Feb 3, 2024
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote...
High
Unreviewed
CVE-2023-41353
was published
Nov 3, 2023
IBM Spectrum Copy Data Management 2.2.13 and earlier has weak authentication and password rules...
High
Unreviewed
CVE-2021-39064
was published
Dec 14, 2021
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by...
High
Unreviewed
CVE-2022-34333
was published
Apr 7, 2023
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker...
High
Unreviewed
CVE-2022-45635
was published
Mar 21, 2023
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not require that users should...
High
Unreviewed
CVE-2019-4067
was published
May 24, 2022
IBM Maximo Asset Management 7.6.1.2 does not require that users should have strong passwords by...
High
Unreviewed
CVE-2021-38935
was published
Feb 19, 2022
ProTip!
Advisories are also available from the
GraphQL API