GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
58 advisories
Filter by severity
Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement...
High
Unreviewed
CVE-2022-29098
was published
Jun 2, 2022
Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 utilizes a weak default admin password...
High
Unreviewed
CVE-2022-29729
was published
Jun 3, 2022
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key...
High
Unreviewed
CVE-2022-30325
was published
Jun 17, 2022
On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices,...
High
Unreviewed
CVE-2022-28377
was published
Jul 15, 2022
BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a...
High
Unreviewed
CVE-2022-36301
was published
Aug 2, 2022
IBM Intelligent Operations Center V5.1.0 - V5.2.0, IBM Intelligent Operations Center for...
High
Unreviewed
CVE-2019-4321
was published
May 24, 2022
IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require that users should have strong...
High
Unreviewed
CVE-2019-4235
was published
May 24, 2022
Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the...
High
Unreviewed
CVE-2022-43030
was published
Nov 15, 2022
The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has weak...
High
Unreviewed
CVE-2020-8790
was published
May 24, 2022
Contract Management System v2.0 contains a weak default password which gives attackers to access...
High
Unreviewed
CVE-2022-35198
was published
Aug 19, 2022
The built-in web service for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower does not...
High
Unreviewed
CVE-2020-25153
was published
May 24, 2022
A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long...
High
Unreviewed
CVE-2022-29700
was published
Apr 28, 2022
HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password...
High
Unreviewed
CVE-2022-27558
was published
Aug 29, 2022
A local attacker could bypass the app password using a race condition in Sophos Secure Workspace...
High
Unreviewed
CVE-2021-36808
was published
May 24, 2022
Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before...
High
Unreviewed
CVE-2020-15369
was published
May 24, 2022
In OpenEMR, versions 5.0.0 to 6.0.0.1 are vulnerable to weak password requirements as it does not...
High
Unreviewed
CVE-2021-25923
was published
May 24, 2022
Tabit - password enumeration. Description: Tabit - password enumeration. The passwords for the...
High
Unreviewed
CVE-2022-34772
was published
Aug 23, 2022
RuggedCom Rugged Operating System (ROS) before 3.3 has a factory account with a password derived...
High
Unreviewed
CVE-2012-2441
was published
May 13, 2022
A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T...
High
Unreviewed
CVE-2018-6312
was published
May 13, 2022
On install, Dell Encryption versions prior 10.0.1 and Dell Endpoint Security Suite Enterprise...
High
Unreviewed
CVE-2018-15766
was published
May 13, 2022
IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not require that users...
High
Unreviewed
CVE-2018-1680
was published
May 13, 2022
IBM Security Identity Manager 6.0.0 does not require that users should have strong passwords by...
High
Unreviewed
CVE-2018-1956
was published
May 13, 2022
Weak Password Requirements vulnerability in Hitachi Energy FOX61x, XCM20 allows an attacker to...
High
Unreviewed
CVE-2021-40333
was published
Dec 3, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 does not require that users should have strong passwords...
High
Unreviewed
CVE-2021-20470
was published
Dec 4, 2021
In Canon LBP223 printers, the System Manager Mode login does not require an account password or...
High
Unreviewed
CVE-2021-43471
was published
Dec 7, 2021
ProTip!
Advisories are also available from the
GraphQL API