GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,927
Composer 4,272
Erlang 31
GitHub Actions 21
Go 2,047
Maven 5,232
npm 3,739
NuGet 668
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,413

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

65 advisories

Filter by severity

Sort by

Least recently updated

An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the... Moderate Unreviewed

CVE-2021-38400 was published May 24, 2022

Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords... Moderate Unreviewed

CVE-2021-33003 was published May 24, 2022

A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of... High Unreviewed

CVE-2021-32596 was published May 24, 2022

A CWE-759: Use of a One-Way Hash without a Salt vulnerability exists in EVlink City (EVC1S22P4 /... High Unreviewed

CVE-2021-22774 was published May 24, 2022

Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager... Critical Unreviewed

CVE-2021-32519 was published May 24, 2022

An issue was discovered on Enphase Envoy R3.x and D4.x devices. There is a custom PAM module for... High Unreviewed

CVE-2020-25754 was published May 24, 2022

An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. A... High Unreviewed

CVE-2019-20466 was published May 24, 2022

In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an... Critical Unreviewed

CVE-2020-14516 was published May 24, 2022

Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability by sending an extremely long... High Unreviewed

CVE-2020-28873 was published May 24, 2022

Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500... Moderate Unreviewed

CVE-2020-6780 was published May 24, 2022

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative... Moderate Unreviewed

CVE-2020-27693 was published May 24, 2022

In EZCast Pro II, the administrator password md5 hash is provided upon a web request. This hash... Moderate Unreviewed

CVE-2019-12305 was published May 24, 2022

Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow... Moderate Unreviewed

CVE-2020-0533 was published May 24, 2022

MFScripts YetiShare v3.5.2 through v4.5.4 might allow an attacker to reset a password by using a... Moderate Unreviewed

CVE-2019-20062 was published May 24, 2022

class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating... Critical Unreviewed

CVE-2019-19735 was published May 24, 2022

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05... Critical Unreviewed

CVE-2019-17216 was published May 24, 2022

UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a... Moderate Unreviewed

CVE-2019-12737 was published May 24, 2022

The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak... High Unreviewed

CVE-2020-16231 was published May 20, 2022

Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%... High Unreviewed

CVE-2018-9233 was published May 13, 2022

An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtit_users... Critical Unreviewed

CVE-2018-15680 was published May 13, 2022

The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and... High Unreviewed

CVE-2018-1447 was published May 13, 2022

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for... Moderate Unreviewed

CVE-2017-11131 was published May 13, 2022

Password recovery exploitation vulnerability in the non-certificate-based authentication... Critical Unreviewed

CVE-2017-3962 was published May 13, 2022

Davolink DVW-3200N all version prior to Version 1.00.06. The device generates a weak password... Critical Unreviewed

CVE-2018-10618 was published May 13, 2022

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker... Critical Unreviewed

CVE-2019-6563 was published May 13, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

65 advisories