GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
55 advisories
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™...
High · Unreviewed · CVE-2021-38133 was published Sep 12, 2024

A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote...
High · Unreviewed · CVE-2022-39997 was published Aug 27, 2024

An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords...
High · Unreviewed · CVE-2024-36789 was published Jun 7, 2024

IBM Common Licensing 9.0 does not require that users should have strong passwords by default,...
High · Unreviewed · CVE-2024-40697 was published Aug 13, 2024

Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to...
High · Unreviewed · CVE-2024-25729 was published Mar 8, 2024

An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the...
High · Unreviewed · CVE-2020-11925 was published May 24, 2022

The user management section of the web application permits the creation of user accounts with...
High · Unreviewed · CVE-2023-41923 was published Jul 2, 2024

There are no requirements for setting a complex password in the built-in web server of the SNAP...
High · Unreviewed · CVE-2023-40707 was published Aug 24, 2023

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered...
High · Unreviewed · CVE-2023-3089 was published Jul 5, 2023

Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation...
High · Unreviewed · CVE-2023-2060 was published Jun 2, 2023

Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow...
High · Unreviewed · CVE-2023-25184 was published May 10, 2023

Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which...
High · Unreviewed · CVE-2023-25072 was published May 10, 2023

Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set...
High · Unreviewed · CVE-2019-18872 was published May 24, 2022

gpw generates shorter passwords than required
High · Unreviewed · CVE-2011-4931 was published Apr 22, 2022

In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote...
High · Unreviewed · CVE-2020-11966 was published May 24, 2022

IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
High · Unreviewed · CVE-2023-43016 was published Feb 3, 2024

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote...
High · Unreviewed · CVE-2023-41353 was published Nov 3, 2023

IBM Spectrum Copy Data Management 2.2.13 and earlier has weak authentication and password rules...
High · Unreviewed · CVE-2021-39064 was published Dec 14, 2021

IBM Sterling Order Management 10.0 does not require that users should have strong passwords by...
High · Unreviewed · CVE-2022-34333 was published Apr 7, 2023

An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker...
High · Unreviewed · CVE-2022-45635 was published Mar 21, 2023

IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not require that users should...
High · Unreviewed · CVE-2019-4067 was published May 24, 2022

IBM Maximo Asset Management 7.6.1.2 does not require that users should have strong passwords by...
High · Unreviewed · CVE-2021-38935 was published Feb 19, 2022

A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0...
High · Unreviewed · CVE-2021-39434 was published Dec 6, 2022

An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04...
High · Unreviewed · CVE-2018-18562 was published May 13, 2022

On Dell 2335dn printers with Printer Firmware Version 2.70.05.02, Engine Firmware Version 1.10.65...
High · Unreviewed · CVE-2018-15748 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.