Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

166 advisories

Loading
An access control vulnerability in Hame SD1 Wi-Fi firmware <=V.20140224154640 allows an attacker... Critical Unreviewed
CVE-2021-26797 was published May 24, 2022
A weak password requirement vulnerability exists in the Create New User function of MintHCM... Critical Unreviewed
CVE-2021-25839 was published May 24, 2022
An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the... High Unreviewed
CVE-2020-11925 was published May 24, 2022
Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external... Moderate Unreviewed
CVE-2020-8296 was published May 24, 2022
The built-in web service for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower does not... High Unreviewed
CVE-2020-25153 was published May 24, 2022
Versions of the Official teamspeak Docker images through 3.6.0 contain a blank password for the... Critical Unreviewed
CVE-2020-29590 was published May 24, 2022
Versions of the Official registry Docker images through 2.7.0 contain a blank password for the... Critical Unreviewed
CVE-2020-29591 was published May 24, 2022
Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating... Critical Unreviewed
CVE-2020-26201 was published May 24, 2022
Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify... Moderate Unreviewed
CVE-2020-27585 was published May 24, 2022
Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access... Moderate Unreviewed
CVE-2020-27587 was published May 24, 2022
Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users'... Low Unreviewed
CVE-2020-8956 was published May 24, 2022
IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by... Moderate Unreviewed
CVE-2020-4574 was published May 24, 2022
Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set... High Unreviewed
CVE-2019-18872 was published May 24, 2022
The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has weak... High Unreviewed
CVE-2020-8790 was published May 24, 2022
In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote... High Unreviewed
CVE-2020-11966 was published May 24, 2022
eSOMS versions 4.0 to 6.0.3 do not enforce password complexity settings, potentially resulting in... Moderate Unreviewed
CVE-2019-19093 was published May 24, 2022
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a... Low Unreviewed
CVE-2020-8632 was published May 24, 2022
Plone allows weak passwords High
CVE-2020-7940 was published for Plone (pip) May 24, 2022
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability.... Critical Unreviewed
CVE-2019-3758 was published May 24, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1).... Critical Unreviewed
CVE-2019-13918 was published May 24, 2022
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not require that users should... High Unreviewed
CVE-2019-4067 was published May 24, 2022
Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud... Critical Unreviewed
CVE-2019-9950 was published May 24, 2022
Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. Critical Unreviewed
CVE-2022-1775 was published May 21, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... Critical Unreviewed
CVE-2018-19064 was published May 13, 2022
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04... High Unreviewed
CVE-2018-18562 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database