GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
166 advisories
Filter by severity
phpMyFAQ has weak password requirements
Moderate
CVE-2023-1753
was published
for
thorsten/phpmyfaq
(Composer)
Mar 31, 2023
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker...
High
Unreviewed
CVE-2022-45635
was published
Mar 21, 2023
An issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0...
Moderate
Unreviewed
CVE-2021-36689
was published
Mar 4, 2023
Weak Password Requirements in thorsten/phpmyfaq
High
CVE-2023-0793
was published
for
thorsten/phpmyfaq
(Composer)
Feb 12, 2023
A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been...
Critical
Unreviewed
CVE-2023-0641
was published
Feb 2, 2023
A CWE-521: Weak Password Requirements vulnerability exists that could allow an attacker to gain...
Critical
Unreviewed
CVE-2022-32513
was published
Jan 31, 2023
Publify contains Weak Password Requirements
Moderate
CVE-2023-0569
was published
for
publify_core
(RubyGems)
Jan 29, 2023
Froxlor contains Weak Password Requirements
High
CVE-2023-0564
was published
for
froxlor/froxlor
(Composer)
Jan 29, 2023
phpMyFAQ has Weak Password Requirements
Moderate
CVE-2023-0307
was published
for
thorsten/phpmyfaq
(Composer)
Jan 16, 2023
Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) has a Weak...
Critical
Unreviewed
CVE-2022-44236
was published
Dec 15, 2022
A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0...
High
Unreviewed
CVE-2021-39434
was published
Dec 6, 2022
Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting,...
Critical
Unreviewed
CVE-2022-45482
was published
Dec 2, 2022
Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the...
High
Unreviewed
CVE-2022-43030
was published
Nov 15, 2022
phpMyFAQ contains Weak Password Requirements
Critical
CVE-2022-3754
was published
for
thorsten/phpmyfaq
(Composer)
Oct 29, 2022
etcd has no minimum password length
Moderate
CVE-2020-15115
was published
for
go.etcd.io/etcd/client/v3
(Go)
Oct 6, 2022
rdiffweb allows a new password to be the same as the previous password
Moderate
CVE-2022-3376
was published
for
rdiffweb
(pip)
Oct 6, 2022
rdiffweb vulnerable to password complexity bypass leading to weak passwords
Moderate
CVE-2022-3326
was published
for
rdiffweb
(pip)
Sep 30, 2022
Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2.
Critical
Unreviewed
CVE-2022-3268
was published
Sep 23, 2022
rdiffweb contains Weak Password Requirements
High
CVE-2022-3179
was published
for
rdiffweb
(pip)
Sep 14, 2022
Inoda OnTrack v3.4 employs a weak password policy which allows attackers to potentially gain...
Critical
Unreviewed
CVE-2022-37164
was published
Sep 9, 2022
Bminusl IHateToBudget v1.5.7 employs a weak password policy which allows attackers to potentially...
Critical
Unreviewed
CVE-2022-37163
was published
Sep 9, 2022
HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password...
High
Unreviewed
CVE-2022-27558
was published
Aug 29, 2022
RuoYi v3.8.3 has a Weak password vulnerability in the management system.
Critical
Unreviewed
CVE-2022-37158
was published
Aug 26, 2022
Missing password strength check in notrinos/notrinos-erp
High
CVE-2022-2927
was published
for
notrinos/notrinos-erp
(Composer)
Aug 23, 2022
Tabit - password enumeration. Description: Tabit - password enumeration. The passwords for the...
High
Unreviewed
CVE-2022-34772
was published
Aug 23, 2022
ProTip!
Advisories are also available from the
GraphQL API