GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
25 advisories
Filter by severity
Serverpod improved security for stored password hashes
Moderate
CVE-2024-29886
was published
for
serverpod_auth_server
(Pub)
Mar 28, 2024
** UNSUPPPORTED WHEN ASSIGNED ** Vulnerability in ekorCCP and ekorRCI that could allow an...
Moderate
Unreviewed
CVE-2022-47557
was published
Sep 19, 2023
Buttercup allows attackers to obtain the hash of the master password
Moderate
CVE-2023-41646
was published
for
buttercup
(npm)
Sep 8, 2023
Password Shucking Vulnerability
Moderate
CVE-2023-27580
was published
for
codeigniter4/shield
(Composer)
Mar 13, 2023
AMI Megarac Weak password hashes for Redfish & API
Moderate
Unreviewed
CVE-2022-40258
was published
Jan 31, 2023
The application was vulnerable to an authenticated information disclosure, allowing...
Moderate
Unreviewed
CVE-2022-40295
was published
Nov 1, 2022
An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes...
Moderate
Unreviewed
CVE-2022-29731
was published
Jun 3, 2022
Use of Password Hash with Insufficient Computational Effort vulnerability exists in ClearSCADA ...
Moderate
Unreviewed
CVE-2021-22741
was published
May 24, 2022
The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress registered...
Moderate
Unreviewed
CVE-2021-38314
was published
May 24, 2022
net-ldap has weak salt when generating passwords
Moderate
CVE-2014-0083
was published
for
net-ldap
(RubyGems)
May 24, 2022
An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the...
Moderate
Unreviewed
CVE-2021-38400
was published
May 24, 2022
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords...
Moderate
Unreviewed
CVE-2021-33003
was published
May 24, 2022
Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500...
Moderate
Unreviewed
CVE-2020-6780
was published
May 24, 2022
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative...
Moderate
Unreviewed
CVE-2020-27693
was published
May 24, 2022
In EZCast Pro II, the administrator password md5 hash is provided upon a web request. This hash...
Moderate
Unreviewed
CVE-2019-12305
was published
May 24, 2022
Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow...
Moderate
Unreviewed
CVE-2020-0533
was published
May 24, 2022
MFScripts YetiShare v3.5.2 through v4.5.4 might allow an attacker to reset a password by using a...
Moderate
Unreviewed
CVE-2019-20062
was published
May 24, 2022
UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a...
Moderate
Unreviewed
CVE-2019-12737
was published
May 24, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for...
Moderate
Unreviewed
CVE-2017-11131
was published
May 13, 2022
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ...
Moderate
Unreviewed
CVE-2022-24041
was published
May 11, 2022
Use of Password Hash With Insufficient Computational Effort in Apache Derby
Moderate
CVE-2009-4269
was published
for
org.apache.derby:derby
(Maven)
May 2, 2022
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40...
Moderate
Unreviewed
CVE-2008-1526
was published
May 1, 2022
PostgreSQL uses the username for a salt when generating passwords, which makes it easier for...
Moderate
Unreviewed
CVE-2002-1657
was published
Apr 30, 2022
BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes.
Moderate
Unreviewed
CVE-2022-23348
was published
Mar 22, 2022
Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password...
Moderate
Unreviewed
CVE-2022-0022
was published
Mar 10, 2022
ProTip!
Advisories are also available from the
GraphQL API