GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
63 advisories
Filter by severity
IBM Cognos Analytics 11.1.7 and 11.2.0 does not require that users should have strong passwords...
High
Unreviewed
CVE-2021-20470
was published
Dec 4, 2021
In Canon LBP223 printers, the System Manager Mode login does not require an account password or...
High
Unreviewed
CVE-2021-43471
was published
Dec 7, 2021
A weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP port...
High
Unreviewed
CVE-2019-7676
was published
May 13, 2022
Ansible Tower before version 3.2.4 has a flaw in the management of system and organization...
High
Unreviewed
CVE-2018-1101
was published
May 13, 2022
A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow...
High
Unreviewed
CVE-2018-0204
was published
May 13, 2022
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity...
High
Unreviewed
CVE-2017-1597
was published
May 13, 2022
The National Payments Corporation of India BHIM application 1.3 for Android relies on a four...
High
Unreviewed
CVE-2017-9818
was published
May 13, 2022
On Dell 2335dn printers with Printer Firmware Version 2.70.05.02, Engine Firmware Version 1.10.65...
High
Unreviewed
CVE-2018-15748
was published
May 13, 2022
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04...
High
Unreviewed
CVE-2018-18562
was published
May 13, 2022
A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0...
High
Unreviewed
CVE-2021-39434
was published
Dec 6, 2022
Weak Password Requirements in Daybyday CRM
High
CVE-2022-22110
was published
for
bottelet/flarepoint
(Composer)
Jan 8, 2022
IBM Maximo Asset Management 7.6.1.2 does not require that users should have strong passwords by...
High
Unreviewed
CVE-2021-38935
was published
Feb 19, 2022
Froxlor contains Weak Password Requirements
High
CVE-2023-0564
was published
for
froxlor/froxlor
(Composer)
Jan 29, 2023
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not require that users should...
High
Unreviewed
CVE-2019-4067
was published
May 24, 2022
Weak Password Requirements in thorsten/phpmyfaq
High
CVE-2023-0793
was published
for
thorsten/phpmyfaq
(Composer)
Feb 12, 2023
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker...
High
Unreviewed
CVE-2022-45635
was published
Mar 21, 2023
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by...
High
Unreviewed
CVE-2022-34333
was published
Apr 7, 2023
Weak Password Requirements in calibreweb
High
CVE-2023-2106
was published
for
calibreweb
(pip)
Apr 15, 2023
IBM Spectrum Copy Data Management 2.2.13 and earlier has weak authentication and password rules...
High
Unreviewed
CVE-2021-39064
was published
Dec 14, 2021
Answer has Weak Password Requirements
High
CVE-2023-4125
was published
for
github.com/answerdev/answer
(Go)
Aug 3, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote...
High
Unreviewed
CVE-2023-41353
was published
Nov 3, 2023
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
High
Unreviewed
CVE-2023-43016
was published
Feb 3, 2024
In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote...
High
Unreviewed
CVE-2020-11966
was published
May 24, 2022
gpw generates shorter passwords than required
High
Unreviewed
CVE-2011-4931
was published
Apr 22, 2022
ProTip!
Advisories are also available from the
GraphQL API