Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

12 advisories

Loading
class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating... Critical Unreviewed
CVE-2019-19735 was published May 24, 2022
PiiGAB M-Bus stores passwords using a weak hash algorithm. Critical Unreviewed
CVE-2023-34433 was published Jul 7, 2023
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05... Critical Unreviewed
CVE-2019-17216 was published May 24, 2022
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), the... Critical Unreviewed
CVE-2020-12069 was published Dec 26, 2022
An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtit_users... Critical Unreviewed
CVE-2018-15680 was published May 13, 2022
Password recovery exploitation vulnerability in the non-certificate-based authentication... Critical Unreviewed
CVE-2017-3962 was published May 13, 2022
Davolink DVW-3200N all version prior to Version 1.00.06. The device generates a weak password... Critical Unreviewed
CVE-2018-10618 was published May 13, 2022
Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker... Critical Unreviewed
CVE-2019-6563 was published May 13, 2022
In Digi RealPort through 4.8.488.0, authentication relies on a challenge-response mechanism that... Critical Unreviewed
CVE-2021-36767 was published May 24, 2022
Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager... Critical Unreviewed
CVE-2021-32519 was published May 24, 2022
In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an... Critical Unreviewed
CVE-2020-14516 was published May 24, 2022
Use of Password Hash Instead of Password for Authentication vulnerability in Mitsubishi Electric... Critical Unreviewed
CVE-2022-25157 was published Apr 3, 2022
ProTip! Advisories are also available from the GraphQL API