Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

25 advisories

Loading
Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password... Moderate Unreviewed
CVE-2022-0022 was published Mar 10, 2022
BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes. Moderate Unreviewed
CVE-2022-23348 was published Mar 22, 2022
PostgreSQL uses the username for a salt when generating passwords, which makes it easier for... Moderate Unreviewed
CVE-2002-1657 was published Apr 30, 2022
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40... Moderate Unreviewed
CVE-2008-1526 was published May 1, 2022
Use of Password Hash With Insufficient Computational Effort in Apache Derby Moderate
CVE-2009-4269 was published for org.apache.derby:derby (Maven) May 2, 2022
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ... Moderate Unreviewed
CVE-2022-24041 was published May 11, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for... Moderate Unreviewed
CVE-2017-11131 was published May 13, 2022
UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a... Moderate Unreviewed
CVE-2019-12737 was published May 24, 2022
MFScripts YetiShare v3.5.2 through v4.5.4 might allow an attacker to reset a password by using a... Moderate Unreviewed
CVE-2019-20062 was published May 24, 2022
Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow... Moderate Unreviewed
CVE-2020-0533 was published May 24, 2022
In EZCast Pro II, the administrator password md5 hash is provided upon a web request. This hash... Moderate Unreviewed
CVE-2019-12305 was published May 24, 2022
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative... Moderate Unreviewed
CVE-2020-27693 was published May 24, 2022
Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500... Moderate Unreviewed
CVE-2020-6780 was published May 24, 2022
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords... Moderate Unreviewed
CVE-2021-33003 was published May 24, 2022
An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the... Moderate Unreviewed
CVE-2021-38400 was published May 24, 2022
net-ldap has weak salt when generating passwords Moderate
CVE-2014-0083 was published for net-ldap (RubyGems) May 24, 2022
Use of Password Hash with Insufficient Computational Effort vulnerability exists in ClearSCADA ... Moderate Unreviewed
CVE-2021-22741 was published May 24, 2022
The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress registered... Moderate Unreviewed
CVE-2021-38314 was published May 24, 2022
An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes... Moderate Unreviewed
CVE-2022-29731 was published Jun 3, 2022
The application was vulnerable to an authenticated information disclosure, allowing... Moderate Unreviewed
CVE-2022-40295 was published Nov 1, 2022
AMI Megarac Weak password hashes for Redfish & API Moderate Unreviewed
CVE-2022-40258 was published Jan 31, 2023
Password Shucking Vulnerability Moderate
CVE-2023-27580 was published for codeigniter4/shield (Composer) Mar 13, 2023
jreklund
Buttercup allows attackers to obtain the hash of the master password Moderate
CVE-2023-41646 was published for buttercup (npm) Sep 8, 2023
perry-mitchell
** UNSUPPPORTED WHEN ASSIGNED ** Vulnerability in ekorCCP and ekorRCI that could allow an... Moderate Unreviewed
CVE-2022-47557 was published Sep 19, 2023
Serverpod improved security for stored password hashes Moderate
CVE-2024-29886 was published for serverpod_auth_server (Pub) Mar 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database