Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

27 advisories

Loading
Liferay Portal Uses Default Password Moderate
CVE-2025-43799 was published for com.liferay.portal:release.portal.bom (Maven) Sep 15, 2025
A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown... Low Unreviewed
CVE-2025-9589 was published Aug 29, 2025
NeuVector admin account has insecure default password Critical
CVE-2025-8077 was published for github.com/neuvector/neuvector (Go) Aug 28, 2025
A potential security vulnerability has been identified in the Poly Clariti Manager for versions... Moderate Unreviewed
CVE-2025-43021 was published Jul 23, 2025
70mai A510 Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows... High Unreviewed
CVE-2025-2766 was published Jun 6, 2025
ZKTeco BioTime allows unauthenticated attackers to enumerate usernames and log in as any user... Moderate Unreviewed
CVE-2024-13966 was published May 27, 2025
Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password... Critical Unreviewed
CVE-2025-27690 was published Apr 10, 2025
Adtran 411 ONT L80.00.0011.M2 was discovered to contain weak default passwords. Critical Unreviewed
CVE-2025-22938 was published Mar 31, 2025
A vulnerability classified as critical has been found in Netis WF-2404 1.1.124EN. Affected is an... Moderate Unreviewed
CVE-2025-2921 was published Mar 28, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an... High Unreviewed
CVE-2024-49559 was published Mar 17, 2025
A vulnerability was found in IROAD Dash Cam FX2 up to 20250308 and classified as problematic.... Moderate Unreviewed
CVE-2025-2347 was published Mar 16, 2025
An issue was discovered in Percona PMM Server (OVA) before 3.0.0-1.ova. The default service... Critical Unreviewed
CVE-2025-26701 was published Mar 11, 2025
A vulnerability has been found in i-Drive i11 and i12 up to 20250227 and classified as... Low Unreviewed
CVE-2025-1878 was published Mar 3, 2025
The Web GUI configuration panel of Hirsch (formerly Identiv and Viscount) Enterphone MESH through... Critical Unreviewed
CVE-2025-26793 was published Feb 15, 2025
Default Credentail vulnerabilities allows access to an Aspect device using publicly available... Critical Unreviewed
CVE-2024-51555 was published Dec 5, 2024
An unauthenticated attacker with access to the local network of the medical office can use known... Critical Unreviewed
CVE-2024-50588 was published Nov 8, 2024
Snipe-IT remote code execution High
CVE-2024-48987 was published for snipe/snipe-it (Composer) Oct 11, 2024
An issue was discovered on Swissphone DiCal-RED 4009 devices. An attacker with access to the file... Moderate Unreviewed
CVE-2024-36440 was published Aug 22, 2024
Remote command execution due to use of default passwords. The following products are affected:... Critical Unreviewed
CVE-2023-45249 was published Jul 24, 2024
An issue in Vehicle Management System 7.31.0.3_20230412 allows an attacker to escalate privileges... Critical Unreviewed
CVE-2024-30802 was published May 14, 2024
Insecure Permissions vulnerability in Vehicle Monitoring platform system CMSV6 v.7.31.0.2 through... Critical Unreviewed
CVE-2024-29666 was published Mar 25, 2024
IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.3 products... High Unreviewed
CVE-2023-43042 was published Dec 14, 2023
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain... Critical Unreviewed
CVE-2023-24049 was published Dec 5, 2023
Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default... Critical Unreviewed
CVE-2023-32090 was published Aug 7, 2023
Pega platform clients who are using versions 6.1 through 8.8.3 and have upgraded from a version... High Unreviewed
CVE-2023-28094 was published Jun 22, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database