Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

166 advisories

Loading
rdiffweb allows a new password to be the same as the previous password Moderate
CVE-2022-3376 was published for rdiffweb (pip) Oct 6, 2022
etcd has no minimum password length Moderate
CVE-2020-15115 was published for go.etcd.io/etcd/client/v3 (Go) Oct 6, 2022
phpMyFAQ contains Weak Password Requirements Critical
CVE-2022-3754 was published for thorsten/phpmyfaq (Composer) Oct 29, 2022
Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the... High Unreviewed
CVE-2022-43030 was published Nov 15, 2022
Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting,... Critical Unreviewed
CVE-2022-45482 was published Dec 2, 2022
A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0... High Unreviewed
CVE-2021-39434 was published Dec 6, 2022
Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) has a Weak... Critical Unreviewed
CVE-2022-44236 was published Dec 15, 2022
phpMyFAQ has Weak Password Requirements Moderate
CVE-2023-0307 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023
Froxlor contains Weak Password Requirements High
CVE-2023-0564 was published for froxlor/froxlor (Composer) Jan 29, 2023
Publify contains Weak Password Requirements Moderate
CVE-2023-0569 was published for publify_core (RubyGems) Jan 29, 2023
A CWE-521: Weak Password Requirements vulnerability exists that could allow an attacker to gain... Critical Unreviewed
CVE-2022-32513 was published Jan 31, 2023
A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been... Critical Unreviewed
CVE-2023-0641 was published Feb 2, 2023
Weak Password Requirements in thorsten/phpmyfaq High
CVE-2023-0793 was published for thorsten/phpmyfaq (Composer) Feb 12, 2023
An issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0... Moderate Unreviewed
CVE-2021-36689 was published Mar 4, 2023
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker... High Unreviewed
CVE-2022-45635 was published Mar 21, 2023
phpMyFAQ has weak password requirements Moderate
CVE-2023-1753 was published for thorsten/phpmyfaq (Composer) Mar 31, 2023
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by... High Unreviewed
CVE-2022-34333 was published Apr 7, 2023
Weak Password Requirements in calibreweb High
CVE-2023-2106 was published for calibreweb (pip) Apr 15, 2023
Modoboa has Weak Password Requirements Moderate
CVE-2023-2160 was published for modoboa (pip) Apr 18, 2023
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which... High Unreviewed
CVE-2023-25072 was published May 10, 2023
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow... High Unreviewed
CVE-2023-25184 was published May 10, 2023
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation... High Unreviewed
CVE-2023-2060 was published Jun 2, 2023
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1... Moderate Unreviewed
CVE-2023-3423 was published Jun 27, 2023
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered... High Unreviewed
CVE-2023-3089 was published Jul 5, 2023
Apache InLong has Weak Password Requirements in Apache InLong Critical
CVE-2023-31098 was published for org.apache.inlong:manager-pojo (Maven) Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database