GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
158 advisories
Filter by severity
An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via...
Critical
Unreviewed
CVE-2023-29974
was published
Nov 8, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote...
High
Unreviewed
CVE-2023-41353
was published
Nov 3, 2023
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the...
Critical
Unreviewed
CVE-2023-37503
was published
Oct 19, 2023
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for...
Critical
Unreviewed
CVE-2023-37756
was published
Sep 14, 2023
There are no requirements for setting a complex password in the built-in web server of the SNAP...
High
Unreviewed
CVE-2023-40707
was published
Aug 24, 2023
Answer has Weak Password Requirements
High
CVE-2023-4125
was published
for
github.com/answerdev/answer
(Go)
Aug 3, 2023
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password...
Moderate
Unreviewed
CVE-2023-3470
was published
Aug 2, 2023
There are no requirements for setting a complex password for PiiGAB M-Bus, which...
Critical
Unreviewed
CVE-2023-34995
was published
Jul 7, 2023
Apache InLong has Weak Password Requirements in Apache InLong
Critical
CVE-2023-31098
was published
for
org.apache.inlong:manager-pojo
(Maven)
Jul 6, 2023
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered...
High
Unreviewed
CVE-2023-3089
was published
Jul 5, 2023
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1...
Moderate
Unreviewed
CVE-2023-3423
was published
Jun 27, 2023
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation...
High
Unreviewed
CVE-2023-2060
was published
Jun 2, 2023
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow...
High
Unreviewed
CVE-2023-25184
was published
May 10, 2023
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which...
High
Unreviewed
CVE-2023-25072
was published
May 10, 2023
Modoboa has Weak Password Requirements
Moderate
CVE-2023-2160
was published
for
modoboa
(pip)
Apr 18, 2023
Weak Password Requirements in calibreweb
High
CVE-2023-2106
was published
for
calibreweb
(pip)
Apr 15, 2023
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by...
High
Unreviewed
CVE-2022-34333
was published
Apr 7, 2023
phpMyFAQ has weak password requirements
Moderate
CVE-2023-1753
was published
for
thorsten/phpmyfaq
(Composer)
Mar 31, 2023
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker...
High
Unreviewed
CVE-2022-45635
was published
Mar 21, 2023
An issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0...
Moderate
Unreviewed
CVE-2021-36689
was published
Mar 4, 2023
Weak Password Requirements in thorsten/phpmyfaq
High
CVE-2023-0793
was published
for
thorsten/phpmyfaq
(Composer)
Feb 12, 2023
A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been...
Critical
Unreviewed
CVE-2023-0641
was published
Feb 2, 2023
A CWE-521: Weak Password Requirements vulnerability exists that could allow an attacker to gain...
Critical
Unreviewed
CVE-2022-32513
was published
Jan 31, 2023
Publify contains Weak Password Requirements
Moderate
CVE-2023-0569
was published
for
publify_core
(RubyGems)
Jan 29, 2023
Froxlor contains Weak Password Requirements
High
CVE-2023-0564
was published
for
froxlor/froxlor
(Composer)
Jan 29, 2023
ProTip!
Advisories are also available from the
GraphQL API