Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,115
Maven
5,000+
npm
3,767
NuGet
680
pip
3,454
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

68 advisories

Loading
In Canon LBP223 printers, the System Manager Mode login does not require an account password or... High Unreviewed
CVE-2021-43471 was published Dec 7, 2021
A weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP port... High Unreviewed
CVE-2019-7676 was published May 13, 2022
Ansible Tower before version 3.2.4 has a flaw in the management of system and organization... High Unreviewed
CVE-2018-1101 was published May 13, 2022
A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow... High Unreviewed
CVE-2018-0204 was published May 13, 2022
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity... High Unreviewed
CVE-2017-1597 was published May 13, 2022
The National Payments Corporation of India BHIM application 1.3 for Android relies on a four... High Unreviewed
CVE-2017-9818 was published May 13, 2022
On Dell 2335dn printers with Printer Firmware Version 2.70.05.02, Engine Firmware Version 1.10.65... High Unreviewed
CVE-2018-15748 was published May 13, 2022
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04... High Unreviewed
CVE-2018-18562 was published May 13, 2022
A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0... High Unreviewed
CVE-2021-39434 was published Dec 6, 2022
Weak Password Requirements in Daybyday CRM High
CVE-2022-22110 was published for bottelet/flarepoint (Composer) Jan 8, 2022
IBM Maximo Asset Management 7.6.1.2 does not require that users should have strong passwords by... High Unreviewed
CVE-2021-38935 was published Feb 19, 2022
Froxlor contains Weak Password Requirements High
CVE-2023-0564 was published for froxlor/froxlor (Composer) Jan 29, 2023
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not require that users should... High Unreviewed
CVE-2019-4067 was published May 24, 2022
Weak Password Requirements in thorsten/phpmyfaq High
CVE-2023-0793 was published for thorsten/phpmyfaq (Composer) Feb 12, 2023
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker... High Unreviewed
CVE-2022-45635 was published Mar 21, 2023
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by... High Unreviewed
CVE-2022-34333 was published Apr 7, 2023
Weak Password Requirements in calibreweb High
CVE-2023-2106 was published for calibreweb (pip) Apr 15, 2023
IBM Spectrum Copy Data Management 2.2.13 and earlier has weak authentication and password rules... High Unreviewed
CVE-2021-39064 was published Dec 14, 2021
Answer has Weak Password Requirements High
CVE-2023-4125 was published for github.com/answerdev/answer (Go) Aug 3, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote... High Unreviewed
CVE-2023-41353 was published Nov 3, 2023
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... High Unreviewed
CVE-2023-43016 was published Feb 3, 2024
In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote... High Unreviewed
CVE-2020-11966 was published May 24, 2022
gpw generates shorter passwords than required High Unreviewed
CVE-2011-4931 was published Apr 22, 2022
Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set... High Unreviewed
CVE-2019-18872 was published May 24, 2022
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which... High Unreviewed
CVE-2023-25072 was published May 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database