GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
GraphQL queries can expose password hashes
Critical
GHSA-3p7g-wrgg-wq45
was published
for
ibexa/graphql
(Composer)
Nov 10, 2022
Use of Password Hash Instead of Password for Authentication vulnerability in Mitsubishi Electric...
Critical
Unreviewed
CVE-2022-25157
was published
Apr 3, 2022
In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an...
Critical
Unreviewed
CVE-2020-14516
was published
May 24, 2022
Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager...
Critical
Unreviewed
CVE-2021-32519
was published
May 24, 2022
In Digi RealPort through 4.8.488.0, authentication relies on a challenge-response mechanism that...
Critical
Unreviewed
CVE-2021-36767
was published
May 24, 2022
Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker...
Critical
Unreviewed
CVE-2019-6563
was published
May 13, 2022
Davolink DVW-3200N all version prior to Version 1.00.06. The device generates a weak password...
Critical
Unreviewed
CVE-2018-10618
was published
May 13, 2022
Password recovery exploitation vulnerability in the non-certificate-based authentication...
Critical
Unreviewed
CVE-2017-3962
was published
May 13, 2022
An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtit_users...
Critical
Unreviewed
CVE-2018-15680
was published
May 13, 2022
crypto-es PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard
Critical
CVE-2023-46133
was published
for
crypto-es
(npm)
Oct 25, 2023
crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard
Critical
CVE-2023-46233
was published
for
crypto-js
(npm)
Oct 25, 2023
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05...
Critical
Unreviewed
CVE-2019-17216
was published
May 24, 2022
PiiGAB M-Bus stores passwords using a weak hash algorithm.
Critical
Unreviewed
CVE-2023-34433
was published
Jul 7, 2023
class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating...
Critical
Unreviewed
CVE-2019-19735
was published
May 24, 2022
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), the...
Critical
Unreviewed
CVE-2020-12069
was published
Dec 26, 2022
ProTip!
Advisories are also available from the
GraphQL API