GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
58 advisories
Filter by severity
D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for...
High
Unreviewed
CVE-2024-48271
was published
Oct 30, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute...
High
Unreviewed
CVE-2024-7293
was published
Oct 9, 2024
CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password.
High
Unreviewed
CVE-2024-47221
was published
Sep 22, 2024
Possible
External Service Interaction attack
in eDirectory has been discovered in
OpenText™...
High
Unreviewed
CVE-2021-38133
was published
Sep 12, 2024
A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote...
High
Unreviewed
CVE-2022-39997
was published
Aug 27, 2024
IBM Common Licensing 9.0 does not require that users should have strong passwords by default,...
High
Unreviewed
CVE-2024-40697
was published
Aug 13, 2024
The user management section of the web application permits the creation of user accounts with...
High
Unreviewed
CVE-2023-41923
was published
Jul 2, 2024
An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords...
High
Unreviewed
CVE-2024-36789
was published
Jun 7, 2024
Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to...
High
Unreviewed
CVE-2024-25729
was published
Mar 8, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
High
Unreviewed
CVE-2023-43016
was published
Feb 3, 2024
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote...
High
Unreviewed
CVE-2023-41353
was published
Nov 3, 2023
There are no requirements for setting a complex password in the built-in web server of the SNAP...
High
Unreviewed
CVE-2023-40707
was published
Aug 24, 2023
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered...
High
Unreviewed
CVE-2023-3089
was published
Jul 5, 2023
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation...
High
Unreviewed
CVE-2023-2060
was published
Jun 2, 2023
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which...
High
Unreviewed
CVE-2023-25072
was published
May 10, 2023
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow...
High
Unreviewed
CVE-2023-25184
was published
May 10, 2023
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by...
High
Unreviewed
CVE-2022-34333
was published
Apr 7, 2023
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker...
High
Unreviewed
CVE-2022-45635
was published
Mar 21, 2023
A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0...
High
Unreviewed
CVE-2021-39434
was published
Dec 6, 2022
Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the...
High
Unreviewed
CVE-2022-43030
was published
Nov 15, 2022
HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password...
High
Unreviewed
CVE-2022-27558
was published
Aug 29, 2022
Tabit - password enumeration. Description: Tabit - password enumeration. The passwords for the...
High
Unreviewed
CVE-2022-34772
was published
Aug 23, 2022
Contract Management System v2.0 contains a weak default password which gives attackers to access...
High
Unreviewed
CVE-2022-35198
was published
Aug 19, 2022
BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a...
High
Unreviewed
CVE-2022-36301
was published
Aug 2, 2022
On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices,...
High
Unreviewed
CVE-2022-28377
was published
Jul 15, 2022
ProTip!
Advisories are also available from the
GraphQL API