Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

41 advisories

Loading
An authentication bypass (account takeover) vulnerability exists in Premiumdatingscript 4.2.7.7... Moderate Unreviewed
CVE-2021-41696 was published Dec 10, 2021
Weak Password Requirements in GitHub repository weseek/growi prior to v5.0.0. Moderate Unreviewed
CVE-2022-1236 was published Apr 6, 2022
The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks... Moderate Unreviewed
CVE-2018-5389 was published May 13, 2022
IBM API Connect 5.0.0.0 could allow a user to bypass policy restrictions and create non-compliant... Moderate Unreviewed
CVE-2017-1386 was published May 13, 2022
An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is... Moderate Unreviewed
CVE-2017-7150 was published May 13, 2022
** DISPUTED ** Riverbed RiOS through 9.6.0 does not require a bootloader password, which makes it... Moderate Unreviewed
CVE-2017-7305 was published May 13, 2022
** DISPUTED ** Riverbed RiOS through 9.6.0 has a weak default password for the secure vault,... Moderate Unreviewed
CVE-2017-7306 was published May 13, 2022
eSOMS versions 4.0 to 6.0.3 do not enforce password complexity settings, potentially resulting in... Moderate Unreviewed
CVE-2019-19093 was published May 24, 2022
IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by... Moderate Unreviewed
CVE-2020-4574 was published May 24, 2022
Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify... Moderate Unreviewed
CVE-2020-27585 was published May 24, 2022
Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access... Moderate Unreviewed
CVE-2020-27587 was published May 24, 2022
Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external... Moderate Unreviewed
CVE-2020-8296 was published May 24, 2022
A vulnerability in the change password API of Cisco Connected Mobile Experiences (CMX) could... Moderate Unreviewed
CVE-2021-1522 was published May 24, 2022
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow the user to set a weak password because... Moderate Unreviewed
CVE-2021-28914 was published May 24, 2022
IBM Security Key Lifecycle Manager 3.0 and 3.0.1 does not require that users should have strong... Moderate Unreviewed
CVE-2019-4565 was published May 24, 2022
A flaw was found in Samba, all versions starting samba 4.5.0 until samba 4.9.15, samba 4.10.10,... Moderate Unreviewed
CVE-2019-14833 was published May 24, 2022
rdiffweb vulnerable to password complexity bypass leading to weak passwords Moderate
CVE-2022-3326 was published for rdiffweb (pip) Sep 30, 2022
rdiffweb allows a new password to be the same as the previous password Moderate
CVE-2022-3376 was published for rdiffweb (pip) Oct 6, 2022
etcd has no minimum password length Moderate
CVE-2020-15115 was published for go.etcd.io/etcd/client/v3 (Go) Oct 6, 2022
phpMyFAQ has Weak Password Requirements Moderate
CVE-2023-0307 was published for thorsten/phpmyfaq (Composer) Jan 16, 2023
Publify contains Weak Password Requirements Moderate
CVE-2023-0569 was published for publify_core (RubyGems) Jan 29, 2023
An issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0... Moderate Unreviewed
CVE-2021-36689 was published Mar 4, 2023
phpMyFAQ has weak password requirements Moderate
CVE-2023-1753 was published for thorsten/phpmyfaq (Composer) Mar 31, 2023
Modoboa has Weak Password Requirements Moderate
CVE-2023-2160 was published for modoboa (pip) Apr 18, 2023
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1... Moderate Unreviewed
CVE-2023-3423 was published Jun 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database