Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

201 advisories

Loading
A vulnerability was detected in iteachyou Dreamer CMS up to 4.1.3.2. This issue affects some... Low Unreviewed
CVE-2025-10320 was published Sep 12, 2025
A vulnerability has been found in macrozheng mall up to 1.0.3. This impacts an unknown function... Moderate Unreviewed
CVE-2025-9514 was published Aug 27, 2025
Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4... Critical Unreviewed
CVE-2025-25737 was published Aug 26, 2025
An issue was discovered in Cicool builder 3.4.4 allowing attackers to reset the administrator's... Moderate Unreviewed
CVE-2025-51543 was published Aug 19, 2025
A vulnerability was found in atjiu pybbs up to 6.0.0. It has been classified as critical.... Moderate Unreviewed
CVE-2025-8549 was published Aug 5, 2025
Quantum SuperLoader 3 V94.0 005E.0h devices allow attackers to access the hardcoded fa account... Moderate Unreviewed
CVE-2019-19145 was published Aug 1, 2025
A vulnerability has been found in Tenda AC18 15.03.05.19 and classified as problematic. This... Moderate Unreviewed
CVE-2025-8182 was published Jul 26, 2025
Weak Password Requirements vulnerability in Mitsubishi Electric Corporation photovoltaic system... Moderate Unreviewed
CVE-2025-5022 was published Jul 10, 2025
File Browser vulnerable to insecure password handling Moderate
CVE-2025-52997 was published for github.com/filebrowser/filebrowser (Go) Jun 30, 2025
mtausig hacdias
Weak password requirements in OpenC3 COSMOS v6.0.0 allow attackers to bypass authentication via a... Critical Unreviewed
CVE-2025-28389 was published Jun 13, 2025
IBM Security Verify Governance 10.0.2 does not require that users should have strong passwords by... Moderate Unreviewed
CVE-2024-22330 was published Jun 6, 2025
A vulnerability, which was classified as problematic, has been found in SunGrow Logger1000 01_A.... Moderate Unreviewed
CVE-2025-4534 was published May 11, 2025
IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1,... Moderate Unreviewed
CVE-2025-1993 was published May 9, 2025
Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which... Critical Unreviewed
CVE-2025-28200 was published May 9, 2025
An issue was discovered in Znuny before 7.1.5. When generating a support bundle, not all... Critical Unreviewed
CVE-2025-26847 was published May 8, 2025
IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into... Low Unreviewed
CVE-2023-27272 was published Apr 14, 2025
Weak password requirements issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If... Critical Unreviewed
CVE-2025-25211 was published Mar 31, 2025
MLflow has Weak Password Requirements Low
CVE-2025-1474 was published for mlflow (pip) Mar 20, 2025
Spring Security Does Not Enforce Password Length High
CVE-2025-22228 was published for org.springframework.security:spring-security-crypto (Maven) Mar 20, 2025
An issue in HotelDruid version 3.0.7 and earlier allows users to set weak passwords due to the... High Unreviewed
CVE-2025-25749 was published Mar 11, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27663 was published Mar 5, 2025
IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong... Moderate Unreviewed
CVE-2024-41778 was published Mar 1, 2025
A vulnerability, which was classified as problematic, was found in PMWeb 7.2.0. This affects an... Moderate Unreviewed
CVE-2025-1341 was published Feb 16, 2025
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords... Moderate Unreviewed
CVE-2023-35907 was published Jan 29, 2025
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords... Moderate Unreviewed
CVE-2023-37398 was published Jan 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database