Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

65 advisories

Loading
Phpgurukul Online Birth Certificate System 1.0 suffers from insufficient password requirements... Moderate Unreviewed
CVE-2024-55057 was published Dec 17, 2024
Use of Password Hash With Insufficient Computational Effort vulnerability in percona percona... Moderate Unreviewed
CVE-2024-7701 was published Dec 15, 2024
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), the... Critical Unreviewed
CVE-2020-12069 was published Dec 26, 2022
Weak password hashing using MD5 in funzioni.php in HotelDruid before 1.32 allows an attacker to... High Unreviewed
CVE-2024-23091 was published Jul 30, 2024
An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. A... High Unreviewed
CVE-2019-20466 was published May 24, 2022
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the... High Unreviewed
CVE-2024-3183 was published Jun 12, 2024
Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could... Unknown Unreviewed
CVE-2024-24553 was published Jun 24, 2024
A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting... Low Unreviewed
CVE-2024-21754 was published Jun 11, 2024
class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating... Critical Unreviewed
CVE-2019-19735 was published May 24, 2022
The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an... High Unreviewed
CVE-2023-31412 was published Aug 24, 2023
PiiGAB M-Bus stores passwords using a weak hash algorithm. Critical Unreviewed
CVE-2023-34433 was published Jul 7, 2023
RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows... High Unreviewed
CVE-2023-33243 was published Jun 15, 2023
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05... Critical Unreviewed
CVE-2019-17216 was published May 24, 2022
UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a... Moderate Unreviewed
CVE-2019-12737 was published May 24, 2022
** UNSUPPPORTED WHEN ASSIGNED ** Vulnerability in ekorCCP and ekorRCI that could allow an... Moderate Unreviewed
CVE-2022-47557 was published Sep 19, 2023
A vulnerability classified as problematic was found in Musicshelf 1.0/1.1 on Android. Affected by... Low Unreviewed
CVE-2024-2365 was published Mar 11, 2024
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40... Moderate Unreviewed
CVE-2008-1526 was published May 1, 2022
Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting... High Unreviewed
CVE-2001-0967 was published Apr 30, 2022
CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the... High Unreviewed
CVE-2005-0408 was published May 1, 2022
PostgreSQL uses the username for a salt when generating passwords, which makes it easier for... Moderate Unreviewed
CVE-2002-1657 was published Apr 30, 2022
BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local... Low Unreviewed
CVE-2006-1058 was published May 1, 2022
The Priva TopControl Suite contains predictable credentials for the SSH service, based on the... High Unreviewed
CVE-2022-3010 was published Jan 2, 2024
A vulnerability classified as problematic was found in Supcon InPlant SCADA up to 20230901.... Low Unreviewed
CVE-2023-4986 was published Sep 15, 2023
Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers... High Unreviewed
CVE-2023-5846 was published Nov 2, 2023
The application was vulnerable to an authenticated information disclosure, allowing... Moderate Unreviewed
CVE-2022-40295 was published Nov 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database