GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
146 advisories
Filter by severity
Weak Password Requirements in GitHub repository weseek/growi prior to v5.0.0.
Moderate
Unreviewed
CVE-2022-1236
was published
Apr 6, 2022
The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access...
Critical
Unreviewed
CVE-2022-1039
was published
Apr 21, 2022
Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement...
High
Unreviewed
CVE-2022-29098
was published
Jun 2, 2022
Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 utilizes a weak default admin password...
High
Unreviewed
CVE-2022-29729
was published
Jun 3, 2022
Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating...
Critical
Unreviewed
CVE-2020-26201
was published
May 24, 2022
Weak Password Requirements in GitHub repository kromitgmbh/titra prior to 0.78.1.
Critical
Unreviewed
CVE-2022-2098
was published
Jun 17, 2022
Weak default root user credentials allow remote attackers to easily obtain OS superuser...
Critical
Unreviewed
CVE-2022-1668
was published
Jun 25, 2022
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key...
High
Unreviewed
CVE-2022-30325
was published
Jun 17, 2022
On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices,...
High
Unreviewed
CVE-2022-28377
was published
Jul 15, 2022
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET...
Critical
Unreviewed
CVE-2022-31211
was published
Jul 18, 2022
BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a...
High
Unreviewed
CVE-2022-36301
was published
Aug 2, 2022
Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) has a Weak...
Critical
Unreviewed
CVE-2022-44236
was published
Dec 15, 2022
IBM Intelligent Operations Center V5.1.0 - V5.2.0, IBM Intelligent Operations Center for...
High
Unreviewed
CVE-2019-4321
was published
May 24, 2022
IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require that users should have strong...
High
Unreviewed
CVE-2019-4235
was published
May 24, 2022
Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the...
High
Unreviewed
CVE-2022-43030
was published
Nov 15, 2022
Mealie 1.0.0beta3 employs weak password requirements which allows attackers to potentially gain...
Critical
Unreviewed
CVE-2022-34615
was published
Aug 20, 2022
Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2.
Critical
Unreviewed
CVE-2022-1775
was published
May 21, 2022
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a...
Low
Unreviewed
CVE-2020-8632
was published
May 24, 2022
RuoYi v3.8.3 has a Weak password vulnerability in the management system.
Critical
Unreviewed
CVE-2022-37158
was published
Aug 26, 2022
The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has weak...
High
Unreviewed
CVE-2020-8790
was published
May 24, 2022
Contract Management System v2.0 contains a weak default password which gives attackers to access...
High
Unreviewed
CVE-2022-35198
was published
Aug 19, 2022
Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users'...
Low
Unreviewed
CVE-2020-8956
was published
May 24, 2022
Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify...
Moderate
Unreviewed
CVE-2020-27585
was published
May 24, 2022
The built-in web service for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower does not...
High
Unreviewed
CVE-2020-25153
was published
May 24, 2022
Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access...
Moderate
Unreviewed
CVE-2020-27587
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API